SSL Certificate Analysis for mail.bitdotdevs.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=mybusiness.one

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 16, 2026

Valid Until

August 14, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AF:F5:2A:0E:3F:80:F8:B6:20:2A:F8:2A:CA:B2:87:E9:56:18:57:1E:0D:58:57:36:9A:47:48:51:22:9B:59:7C

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

bitdotdevs.com *.bitdotdevs.com *.admin.bitdotdevs.com *.agent.bitdotdevs.com *.apis.bitdotdevs.com *.app.bitdotdevs.com *.assets.bitdotdevs.com *.c722xl.bitdotdevs.com *.dev.bitdotdevs.com *.hostmaster.bitdotdevs.com *.mail.bitdotdevs.com *.members.bitdotdevs.com *.test.bitdotdevs.com *.user.bitdotdevs.com

Other domains in certificate

*.08e3585e5b.1130yjj301.top 1130yjj301.top *.1130yjj301.top *.50d1b2cd15.1130yjj301.top

67214.my *.67214.my

appmh04.cc *.appmh04.cc *.ww25.appmh04.cc

cammackchildrenscenter.org *.cammackchildrenscenter.org *.mail.cammackchildrenscenter.org *.ww38.cammackchildrenscenter.org

*.avcome.cricfreetv.live cricfreetv.live *.cricfreetv.live *.wildcard.cricfreetv.live

edmstudy.xyz *.edmstudy.xyz *.ww38.edmstudy.xyz

*.api.fetishism.blog *.assets.fetishism.blog *.backup.fetishism.blog *.demo.fetishism.blog *.eibzfd.fetishism.blog fetishism.blog *.fetishism.blog

*.26f41e4e-f08f-43f9-928c-2ee24ba5760a.manifesting6.online *.7u83k9.manifesting6.online manifesting6.online *.manifesting6.online *.www.manifesting6.online

*.m.mybusiness.one mybusiness.one *.mybusiness.one *.random.mybusiness.one *.www.mybusiness.one

norteamerica.net *.norteamerica.net *.secure.norteamerica.net

*.m.publicpalette.com *.momkjt.publicpalette.com publicpalette.com *.publicpalette.com

*.jsjxy.smt-oem.cn smt-oem.cn *.smt-oem.cn *.www.smt-oem.cn *.wzx.smt-oem.cn

*.buy.superserv.site *.catalogos.superserv.site *.catalogosas.superserv.site *.lojabuy.superserv.site *.lojadigital.superserv.site *.modelos.superserv.site *.scripts.superserv.site superserv.site *.superserv.site *.trabalhos.superserv.site

*.admin.termedimerano.it *.api.termedimerano.it *.backend.termedimerano.it *.demo.termedimerano.it *.dev.termedimerano.it *.hostmaster.termedimerano.it termedimerano.it *.termedimerano.it

*.hostmaster.xn--mgbx8cdt.com xn--mgbx8cdt.com *.xn--mgbx8cdt.com

*.bbs.zyc.it *.mail.zyc.it *.random.zyc.it zyc.it *.zyc.it