SSL Certificate Analysis for molox.pro - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=00398.my

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 20, 2026

Valid Until

August 18, 2026 58 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EB:E7:43:43:31:DA:07:55:03:7D:C6:BD:3F:20:B5:BA:57:47:B6:60:EF:03:4F:47:E5:C2:E0:16:13:62:3A:3A

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

molox.pro *.molox.pro

Other domains in certificate

00398.my *.00398.my

009680.com *.009680.com

030065.club *.030065.club

56005.one *.56005.one

95zn.cc *.95zn.cc

9pjljt.cc *.9pjljt.cc

bitcloud.digital *.bitcloud.digital

bitcoinrise.digital *.bitcoinrise.digital

browsegence.com *.browsegence.com

btcchain.digital *.btcchain.digital

btcoinvest.digital *.btcoinvest.digital

cafescomdeuspais.com *.cafescomdeuspais.com

caomei1115.top *.caomei1115.top

conference-lines-760024452.click *.conference-lines-760024452.click

credithouse.co *.credithouse.co

cwejg.gdn *.cwejg.gdn

dental-implants2025.info *.dental-implants2025.info

dfhbg.srl *.dfhbg.srl

dgenlg.gdn *.dgenlg.gdn

dghbh.srl *.dghbh.srl

dghgr.srl *.dghgr.srl

dhcsfd.srl *.dhcsfd.srl

di9se.cn *.di9se.cn

digital-advertising-mb5.click *.digital-advertising-mb5.click

dill-ivery.com *.dill-ivery.com

directdeal.co *.directdeal.co

discoverdalecarnegie.digital *.discoverdalecarnegie.digital

djfefe.auction *.djfefe.auction

dtd76t.cc *.dtd76t.cc

fitness2.click *.fitness2.click

jzysf.gdn *.jzysf.gdn

kfmih.gdn *.kfmih.gdn

kwqruy.gdn *.kwqruy.gdn

lgclx.gdn *.lgclx.gdn

lomonasquezy.click *.lomonasquezy.click

lpqof.vip *.lpqof.vip

lynixia.com *.lynixia.com

makcconstruction.com *.makcconstruction.com

omacq.gdn *.omacq.gdn

usdt33.cc *.usdt33.cc

winwithdalecarnegie.pro *.winwithdalecarnegie.pro

www314hy.cc *.www314hy.cc

www97c.top *.www97c.top

zzz882.top *.zzz882.top