SSL Certificate Analysis for notavalidreturnurl.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=waitressesgonewild.com.au

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 05, 2026

Valid Until

July 04, 2026 41 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

58:A0:EF:A0:36:9A:15:FC:B0:61:ED:11:CB:19:43:CA:C0:4C:01:40:24:61:BF:D1:6F:30:EE:13:FD:16:57:20

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

notavalidreturnurl.com *.notavalidreturnurl.com

Other domains in certificate

123b-e1.com *.123b-e1.com *.29523157-fe0f-4b37-9973-0920967e4dfd.123b-e1.com *.admin.123b-e1.com *.api.123b-e1.com *.assets.123b-e1.com *.demo.123b-e1.com *.dev.123b-e1.com *.docs.123b-e1.com *.external.123b-e1.com *.gateway.123b-e1.com *.hllqsintranet.123b-e1.com *.hostmaster.123b-e1.com *.hr.123b-e1.com *.portal.123b-e1.com *.public.123b-e1.com *.sharepoint.123b-e1.com

areaconsulenza.it *.areaconsulenza.it *.dev.areaconsulenza.it

cherrysthoughts.me *.cherrysthoughts.me

gays.au *.gays.au

*.businesscapital.gsvi.co.uk *.freelance.gsvi.co.uk gsvi.co.uk *.gsvi.co.uk *.theangelschoice.gsvi.co.uk *.wealthmedia.gsvi.co.uk

*.games.ifrah.com ifrah.com *.ifrah.com *.maayrah.ifrah.com *.old.ifrah.com *.sms.ifrah.com *.tiktok.ifrah.com *.vb.ifrah.com *.ww17.ifrah.com

localbusinesstransfersnearme.com.au *.localbusinesstransfersnearme.com.au

md12.com.br *.md12.com.br

oceanfilm.bet *.oceanfilm.bet

provvisti.com *.provvisti.com

*.new.qasralhadaya77.com qasralhadaya77.com *.qasralhadaya77.com

qsabrasil.com.br *.qsabrasil.com.br

rjfs.net *.rjfs.net

*.random.sai-ent.com sai-ent.com *.sai-ent.com *.ww25.sai-ent.com

*.0afmf.sciontoolsxyz.xyz *.1846m.sciontoolsxyz.xyz *.3nxyc.sciontoolsxyz.xyz *.4qwa0.sciontoolsxyz.xyz *.5qutp.sciontoolsxyz.xyz *.6y8gt.sciontoolsxyz.xyz *.civoh.sciontoolsxyz.xyz *.eyhizccaxg8r9pg.sciontoolsxyz.xyz *.ip4i2.sciontoolsxyz.xyz *.lcjev.sciontoolsxyz.xyz *.osc36.sciontoolsxyz.xyz *.rczhl.sciontoolsxyz.xyz sciontoolsxyz.xyz *.sciontoolsxyz.xyz *.svzzq.sciontoolsxyz.xyz *.z44ag.sciontoolsxyz.xyz

*.cc.spotsurv.com *.org.spotsurv.com spotsurv.com *.spotsurv.com

*.checkout.twentiescollective.com *.sms.twentiescollective.com twentiescollective.com *.twentiescollective.com *.www.twentiescollective.com

waitressesgonewild.com.au *.waitressesgonewild.com.au

xunbxl.com *.xunbxl.com