SSL Certificate Analysis for proxyindia.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=xxllutz.cz

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 03, 2026

Valid Until

August 01, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

70:FD:39:BF:E3:91:11:FD:7B:2A:FF:4F:68:7D:C3:AA:10:22:06:D5:21:3F:F7:48:8E:BC:CE:04:F7:73:82:AA

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

proxyindia.com *.proxyindia.com *.com.proxyindia.com

Other domains in certificate

auriaparis.com *.auriaparis.com *.mx.auriaparis.com *.ww25.auriaparis.com

bangladeshnewspaper.com *.bangladeshnewspaper.com *.ww25.bangladeshnewspaper.com *.www.bangladeshnewspaper.com

bitmerger.com *.bitmerger.com

bokep2025.net *.bokep2025.net *.sitemap.bokep2025.net *.sitemaps.bokep2025.net

borxy.software *.borxy.software *.s.borxy.software

*.brother-usa.brotherusa.com brotherusa.com *.brotherusa.com *.itenalasa.brotherusa.com *.refresh.brotherusa.com *.ww16.brotherusa.com *.ww25.brotherusa.com *.ww38.brotherusa.com

byk.life *.byk.life

*.billerdirect.bznkofamerica.com bznkofamerica.com *.bznkofamerica.com *.comune.bznkofamerica.com *.hostmaster.bznkofamerica.com *.www.bznkofamerica.com

communityhelathchoice.org *.communityhelathchoice.org

*.api.georgetown.love georgetown.love *.georgetown.love *.mail.georgetown.love *.www.georgetown.love

optimisedconnect.com *.optimisedconnect.com

runawaykiwi.com *.runawaykiwi.com

*.e.siiusxm.com *.email.siiusxm.com *.mountain.siiusxm.com siiusxm.com *.siiusxm.com *.steaming.siiusxm.com *.web-cloud.siiusxm.com

*.api.tagobi.info *.app.tagobi.info *.c475e438-1b90-4fff-97f0-3a6593f9e69e.tagobi.info tagobi.info *.tagobi.info

*.api.trezzano.it *.demo.trezzano.it *.notexistsapi.trezzano.it *.notexistsstaging.trezzano.it *.summary.trezzano.it trezzano.it *.trezzano.it

*.hostmaster.whoelfoods.com *.mx7.whoelfoods.com *.myapps.whoelfoods.com *.ns1.whoelfoods.com *.ns2.whoelfoods.com whoelfoods.com *.whoelfoods.com *.ww38.whoelfoods.com

*.attivazionenetflix.windre.it *.aws.windre.it *.sip.windre.it *.sipinternal.windre.it windre.it *.windre.it

*.3509837e-6804-4266-9db5-32947825d5e6.xxllutz.cz *.demo.xxllutz.cz *.jrrwddemo.xxllutz.cz *.m.xxllutz.cz *.smtp.xxllutz.cz *.webdisk.xxllutz.cz *.webmail.xxllutz.cz *.www.xxllutz.cz xxllutz.cz *.xxllutz.cz