SSL Certificate Analysis for mail.giftedluvv.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=crackedstreams.plus

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 15, 2026

Valid Until

August 13, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

8B:BB:63:0F:C6:CB:E4:3D:44:34:6B:EA:FB:D9:9D:FC:4B:5C:FC:23:79:C1:4D:DA:D2:C1:00:69:57:B8:11:47

Alternative Names

83 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

83 domains

giftedluvv.com *.giftedluvv.com *.hostmaster.giftedluvv.com *.mail.giftedluvv.com *.webmail.giftedluvv.com *.ww1.giftedluvv.com *.ww7.giftedluvv.com

Other domains in certificate

artlab-aichi.com *.artlab-aichi.com *.jenkins.artlab-aichi.com *.random.artlab-aichi.com

boombox.codes *.boombox.codes

caretakers.au *.caretakers.au *.random.caretakers.au

*.asp.carrolltransportationinc.com carrolltransportationinc.com *.carrolltransportationinc.com *.cl.carrolltransportationinc.com

*.autodiscover.cooleyforcongress.com cooleyforcongress.com *.cooleyforcongress.com

crackedstreams.plus *.crackedstreams.plus

dabybas.cfd *.dabybas.cfd

dotsentry.com *.dotsentry.com *.hostmaster.dotsentry.com *.random.dotsentry.com *.www.dotsentry.com

freepeopple.com *.freepeopple.com *.random.freepeopple.com

hedoneexperience.com *.hedoneexperience.com *.pruebas.hedoneexperience.com *.store.hedoneexperience.com

*.atthronestop.hronestop.com hronestop.com *.hronestop.com

illustrious.au *.illustrious.au *.random.illustrious.au

jellytote.com *.jellytote.com *.ww17.jellytote.com

*.hostmaster.mojozine.com mojozine.com *.mojozine.com

ndreams.org *.ndreams.org

nxtwork.net *.nxtwork.net *.random.nxtwork.net *.ww16.nxtwork.net

nza.au *.nza.au *.random.nza.au

ottishoes.com *.ottishoes.com

*.email.paragenesmusic.com paragenesmusic.com *.paragenesmusic.com

*.paragonconnect.paragonreis.com paragonreis.com *.paragonreis.com

personaloans.co.za *.personaloans.co.za

plutodigital.co *.plutodigital.co

powertochosse.com *.powertochosse.com

*.random.sclerosis.au sclerosis.au *.sclerosis.au

www2gndi.com.br *.www2gndi.com.br

*.random.youthwhec.org *.ww38.youthwhec.org youthwhec.org *.youthwhec.org