SSL Certificate Analysis for not911.com - Security Grade & TLS Configuration

Open Cached · just now

79/100 SECURITY SCORE

Certificate Information

Subject

CN=getlowetcarpayment.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 30, 2026

Valid Until

April 30, 2026 78 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

03:00:33:A7:39:CF:D4:59:CD:2D:DE:F9:E7:B6:5F:10:D7:D2:C9:FB:22:82:86:33:3B:D1:90:91:8E:2C:6A:38

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

not911.com *.not911.com *.m.not911.com *.remote.not911.com *.www.not911.com

Other domains in certificate

alordisa.com *.alordisa.com *.com.alordisa.com *.online.alordisa.com *.ww38.alordisa.com

*.api.cal-tech.university *.app.cal-tech.university cal-tech.university *.cal-tech.university *.ec.cal-tech.university *.hostmaster.cal-tech.university *.mail.cal-tech.university *.new.cal-tech.university *.old.cal-tech.university *.www.cal-tech.university

*.app.jdo.com.pl *.dev.jdo.com.pl *.ftp.jdo.com.pl *.home.jdo.com.pl jdo.com.pl *.jdo.com.pl *.m.jdo.com.pl *.mobile.jdo.com.pl *.news.jdo.com.pl *.ww25.jdo.com.pl *.www.jdo.com.pl

101.com.tw *.101.com.tw *.ipis.101.com.tw *.jkd.101.com.tw *.jung.101.com.tw *.plin.101.com.tw *.post.101.com.tw *.sogo.101.com.tw *.statics.101.com.tw *.sun.101.com.tw *.taipei.101.com.tw *.tfc.101.com.tw *.yes.101.com.tw *.zero.101.com.tw

*.dashboard.getlowetcarpayment.com *.demo.getlowetcarpayment.com *.dev.getlowetcarpayment.com getlowetcarpayment.com *.getlowetcarpayment.com *.m.getlowetcarpayment.com *.staging.getlowetcarpayment.com *.store.getlowetcarpayment.com *.vpn.getlowetcarpayment.com *.webdisk.getlowetcarpayment.com *.workflow.getlowetcarpayment.com *.www.getlowetcarpayment.com

*.api.gnula.bar *.db.gnula.bar gnula.bar *.gnula.bar *.m.gnula.bar

greatproblems.com *.greatproblems.com *.insights.greatproblems.com

*.connect.santacruzdental.net santacruzdental.net *.santacruzdental.net