SSL Certificate Analysis for just1diet.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=forage.biz

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 17, 2026

Valid Until

August 15, 2026 74 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

9E:25:66:AB:2E:27:37:5D:DF:6B:A0:A2:40:3C:3F:F0:9F:98:7F:35:48:44:5C:D2:D0:FB:4C:D0:90:4C:E9:FD

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

just1diet.com *.just1diet.com *.ww25.just1diet.com

Other domains in certificate

allsp.net *.allsp.net *.dev.allsp.net *.vpn.allsp.net *.ww1.allsp.net *.ww2.allsp.net

bedcovers.com.au *.bedcovers.com.au *.ww25.bedcovers.com.au

breeze-on-spark.click *.breeze-on-spark.click *.c5y87j.breeze-on-spark.click

*.admin.drmantra.in *.app.drmantra.in *.contact.drmantra.in *.dashboard.drmantra.in *.dashboards.drmantra.in *.data.drmantra.in drmantra.in *.drmantra.in *.img045n9.drmantra.in *.localhost.drmantra.in *.mail.drmantra.in *.mc.drmantra.in *.notexistsmc.drmantra.in *.report.drmantra.in *.reporting.drmantra.in *.shop.drmantra.in *.smtp.drmantra.in *.superset.drmantra.in *.webdisk.drmantra.in *.webmail.drmantra.in

*.api.forage.biz *.app.forage.biz *.dev.forage.biz *.eb5gj8.forage.biz forage.biz *.forage.biz *.m.forage.biz *.www.forage.biz

*.hostmaster.illocale.com illocale.com *.illocale.com *.wildcard.illocale.com *.ww16.illocale.com *.ww17.illocale.com

india-result.org *.india-result.org *.ww25.india-result.org

*.autodiscover.kalangalahomeforcsn.org *.database.kalangalahomeforcsn.org kalangalahomeforcsn.org *.kalangalahomeforcsn.org

*.fq.mtonetwork.com mtonetwork.com *.mtonetwork.com *.ns1.mtonetwork.com *.ring.mtonetwork.com *.test.mtonetwork.com

panworldmovie.online *.panworldmovie.online

*.miidb.picelbois.tech picelbois.tech *.picelbois.tech *.ww38.picelbois.tech

qzqfs.cn *.qzqfs.cn *.wwww.qzqfs.cn

saltatorische-erregungsleitung.de *.saltatorische-erregungsleitung.de

searchforsmthing.com *.searchforsmthing.com

strawbarry.com *.strawbarry.com *.veteran.strawbarry.com

*.api.sugarloafkeyhomes.com *.mail.sugarloafkeyhomes.com *.mailer.sugarloafkeyhomes.com *.marketing.sugarloafkeyhomes.com *.secure.sugarloafkeyhomes.com sugarloafkeyhomes.com *.sugarloafkeyhomes.com *.v1.sugarloafkeyhomes.com *.yzmmel.sugarloafkeyhomes.com

swifttidediplomat.com *.swifttidediplomat.com *.ww25.swifttidediplomat.com