SSL Certificate Analysis for ra.008tg.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=00145.my

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 08, 2026

Valid Until

September 06, 2026 78 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A0:C0:0C:AA:32:77:B6:D8:5F:E8:B3:14:A5:EF:90:F3:11:DB:A7:59:9F:F9:59:E6:74:FD:8C:82:24:FB:50:14

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

008tg.com *.008tg.com

Other domains in certificate

00145.my *.00145.my

15987.work *.15987.work

17272.my *.17272.my

178y.app *.178y.app

26396093.vip *.26396093.vip

27635618.vip *.27635618.vip

400suining.com *.400suining.com

42865.my *.42865.my

526782.com *.526782.com

5379143.cc *.5379143.cc

66570.blog *.66570.blog

99621.my *.99621.my

account-hub.com *.account-hub.com

agitok3ns.com *.agitok3ns.com

ak58.cc *.ak58.cc

alignrb2bgold.info *.alignrb2bgold.info

allfinefirls.com *.allfinefirls.com

anadoluelisx.pro *.anadoluelisx.pro

apartmentmovingcompany.com *.apartmentmovingcompany.com

artisanodyssey.coupons *.artisanodyssey.coupons

asiabet777king.com *.asiabet777king.com

axxfr.cc *.axxfr.cc

baselinetimes.com *.baselinetimes.com

bet10.loan *.bet10.loan

bf09176.cc *.bf09176.cc

bithere.sbs *.bithere.sbs

blackbirdautomation.com *.blackbirdautomation.com

bobstireshop.com *.bobstireshop.com

bones.business *.bones.business

cl2404a085.top *.cl2404a085.top

elements-series.com *.elements-series.com *.ww38.elements-series.com

wshyg.my *.wshyg.my

www520002.com *.www520002.com

xjqbk.gdn *.xjqbk.gdn

xn--cannabisl-77a.com *.xn--cannabisl-77a.com

xn--gmq91r.com *.xn--gmq91r.com

xn--qev14m.com *.xn--qev14m.com

xn--t8wn61g.com *.xn--t8wn61g.com

xucev.my *.xucev.my

yphpiprjsggkjsj.my *.yphpiprjsggkjsj.my

ytsnx.my *.ytsnx.my

yyfhpx.com *.yyfhpx.com

zz79lmiq.cc *.zz79lmiq.cc