SSL Certificate Analysis for paltalk.sendbutton.click - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=doufuru17.xyz

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 20, 2026

Valid Until

April 20, 2026 68 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

5E:66:18:EF:71:CA:83:2F:ED:76:98:A2:28:30:1F:1C:F0:55:DC:FC:17:77:3E:AF:FE:2F:37:53:7B:E4:39:5D

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

sendbutton.click *.sendbutton.click *.elements.sendbutton.click

Other domains in certificate

17fornapm.xyz *.17fornapm.xyz *.blog.17fornapm.xyz *.sitemap.17fornapm.xyz *.ww12.17fornapm.xyz

aong.xyz *.aong.xyz *.hn.aong.xyz *.insight.aong.xyz *.quanzhong.aong.xyz *.sitemap.aong.xyz *.sitemaps.aong.xyz *.ww25.aong.xyz *.ww38.aong.xyz

cold-summer.info *.cold-summer.info *.new.cold-summer.info *.next.cold-summer.info

*.babcpxi.doufuru17.xyz *.bao.doufuru17.xyz doufuru17.xyz *.doufuru17.xyz *.gan.doufuru17.xyz *.wgt.doufuru17.xyz *.ww25.doufuru17.xyz *.ww38.doufuru17.xyz

eb-world.com *.eb-world.com

formsite.co *.formsite.co *.fs23.formsite.co *.fs4.formsite.co *.ww38.formsite.co

futnropaccu.com *.futnropaccu.com

i6pg.vip *.i6pg.vip

*.dev.itcketmaster.com *.hosted.itcketmaster.com itcketmaster.com *.itcketmaster.com *.m.itcketmaster.com *.portal.itcketmaster.com *.prod.itcketmaster.com *.random.itcketmaster.com *.wildcard.itcketmaster.com *.ww1.itcketmaster.com *.ww2.itcketmaster.com *.www.itcketmaster.com

lagossdgandinvestment.com *.lagossdgandinvestment.com

*.mail.metsovohotels.com metsovohotels.com *.metsovohotels.com *.random.metsovohotels.com *.ww25.metsovohotels.com *.ww38.metsovohotels.com

onlytiks.com *.onlytiks.com *.random.onlytiks.com

patreonz.com *.patreonz.com

*.bitb.pozitiv.digital pozitiv.digital *.pozitiv.digital

ute-net.org *.ute-net.org

*.alpha.viralpacks.online *.bi.viralpacks.online *.es.viralpacks.online *.production.viralpacks.online *.random.viralpacks.online *.superset-ci.viralpacks.online viralpacks.online *.viralpacks.online *.visualize.viralpacks.online *.wildcard.viralpacks.online *.ww25.viralpacks.online

*.es.woldenorchids.com *.mail.woldenorchids.com woldenorchids.com *.woldenorchids.com

*.driver.yourfoods.co.uk *.restaurant.yourfoods.co.uk yourfoods.co.uk *.yourfoods.co.uk