SSL Certificate Analysis for humoroids.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=magazijn-opslag-systemen.buzz

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 02, 2026

Valid Until

May 03, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FE:40:17:8D:6D:8F:DE:B5:BF:F0:A7:3A:A6:7F:A4:89:D5:F8:30:4F:C1:0D:BB:FE:37:AC:93:63:F5:E2:EA:34

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

humoroids.com *.humoroids.com

Other domains in certificate

glcueakaozzsnor.cc *.glcueakaozzsnor.cc

greatautoprices.com *.greatautoprices.com

greenmadeinitaly.com *.greenmadeinitaly.com

handcraftedinvirginia.us *.handcraftedinvirginia.us

hotelmody.com *.hotelmody.com

impreseservizi.com *.impreseservizi.com

johnsonshoreinn.com *.johnsonshoreinn.com

krynor.com *.krynor.com

laitart.pl *.laitart.pl

leggenda.com *.leggenda.com

legittimi.com *.legittimi.com

lienocele.com *.lienocele.com

locorotondo.net *.locorotondo.net

lucianodecrescenzo.com *.lucianodecrescenzo.com

magazijn-opslag-systemen.buzz *.magazijn-opslag-systemen.buzz

maxmeda.com *.maxmeda.com

moneyx88.com *.moneyx88.com

musicmonitor.net *.musicmonitor.net

mz643.top *.mz643.top

ngrecords.com *.ngrecords.com

nicolina.net *.nicolina.net

nmiis.bid *.nmiis.bid

nonstoppharma.com *.nonstoppharma.com

office-furniture-mx-2022.click *.office-furniture-mx-2022.click

omahasoul.org *.omahasoul.org

ouyangjf.top *.ouyangjf.top

personalshopping.au *.personalshopping.au

pkseries.pk *.pkseries.pk

portasapone.com *.portasapone.com

projp166.org *.projp166.org

qgtwdh.top *.qgtwdh.top

renthk.com *.renthk.com

ricchi.co *.ricchi.co

rq42.top *.rq42.top

salmour.com *.salmour.com

scaricaonline.com *.scaricaonline.com

sharpefit.com *.sharpefit.com

siu88pro.net *.siu88pro.net

spacedestination.com *.spacedestination.com

swodk.bid *.swodk.bid

tavolirotanti.com *.tavolirotanti.com

testiteatrali.com *.testiteatrali.com

timeoutdevices.com *.timeoutdevices.com

tkkpo.pro *.tkkpo.pro