SSL Certificate Analysis for nextgenquotes.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=16895.lgbt

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 23, 2026

Valid Until

August 21, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

09:6F:B4:90:27:17:A6:27:F0:CC:B6:8A:31:6D:B3:10:19:8E:6C:A8:42:16:99:18:DD:DA:92:09:00:8D:5C:52

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

nextgenquotes.com *.nextgenquotes.com

Other domains in certificate

16895.lgbt *.16895.lgbt

48786.agency *.48786.agency

55528vv.cc *.55528vv.cc

86596.loan *.86596.loan

87638.sx *.87638.sx

913vn09.co *.913vn09.co

925.live *.925.live

95150.one *.95150.one

959807.club *.959807.club

9936av.com *.9936av.com

998627.co *.998627.co

blueberrystudio.africa *.blueberrystudio.africa

bonus-kabosu.network *.bonus-kabosu.network

bs2web6.shop *.bs2web6.shop

cetus.sbs *.cetus.sbs

dgicp.biz *.dgicp.biz

entertainmixhub.sbs *.entertainmixhub.sbs

eroy4a4yd8.cc *.eroy4a4yd8.cc

filmai44.vip *.filmai44.vip

kubet-official.net *.kubet-official.net

lawsonandsons.com *.lawsonandsons.com

legacyzone365.shop *.legacyzone365.shop

lemonadewithapulse.com *.lemonadewithapulse.com

lenuvo.auction *.lenuvo.auction

leon-casino-0csex.xyz *.leon-casino-0csex.xyz

leon-casino-5wjdc.xyz *.leon-casino-5wjdc.xyz

leon-casino-pdl63.xyz *.leon-casino-pdl63.xyz

lkoklk.com *.lkoklk.com

nextgenerationquote.com *.nextgenerationquote.com

omegahub911.shop *.omegahub911.shop

ordercafebunnmi.com *.ordercafebunnmi.com

peachpineapplepunch.com *.peachpineapplepunch.com

pentest.au *.pentest.au

polimentosagora.com *.polimentosagora.com

purgq.biz *.purgq.biz

qbfum6.top *.qbfum6.top

vulkan-platinum-9kl.top *.vulkan-platinum-9kl.top

w7bqi7.cyou *.w7bqi7.cyou

watertorture.com *.watertorture.com

website-construct.com *.website-construct.com

xcrby.cn *.xcrby.cn

xnezt.cn *.xnezt.cn

ypfkenya.org *.ypfkenya.org

zzshuo7.com *.zzshuo7.com