SSL Certificate Analysis for random.brodher.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=deadme.me

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

December 12, 2025

Valid Until

March 12, 2026 32 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A0:1C:AE:EB:A3:9F:48:D5:E3:D9:E3:15:66:B0:10:7E:6C:AA:92:5F:A9:43:C8:F0:42:41:0F:ED:8F:FA:F9:D0

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

brodher.com *.brodher.com *.random.brodher.com

Other domains in certificate

accesshd.tv *.accesshd.tv *.shop.accesshd.tv

alarmon.com *.alarmon.com

alibabna.com *.alibabna.com *.board.alibabna.com *.cicd.alibabna.com *.qd.alibabna.com *.report.alibabna.com *.ww25.alibabna.com *.wx.alibabna.com

argoshdsh.vip *.argoshdsh.vip

bestv2.co *.bestv2.co

bookzap.me *.bookzap.me

borderedger.com *.borderedger.com

bubulover.co *.bubulover.co

bxib.com *.bxib.com *.pre.bxib.com *.random.bxib.com

cea-how.org *.cea-how.org

deadme.me *.deadme.me

dewi88live.click *.dewi88live.click

easynm.com *.easynm.com *.hostmaster.easynm.com *.random.easynm.com

geriatricas.com *.geriatricas.com

hikelite.com *.hikelite.com

*.agu.inter.es *.cash.inter.es *.code.inter.es *.gfr.inter.es inter.es *.inter.es *.ngo.inter.es

laviemdca.us *.laviemdca.us

longjeans.com *.longjeans.com

meterburn.store *.meterburn.store

mimikama.ch *.mimikama.ch *.qa.mimikama.ch

newsevent24.com *.newsevent24.com *.random.newsevent24.com

owensmortuary.com *.owensmortuary.com

philadelphiafashionweek.org *.philadelphiafashionweek.org

popularmachanics.com *.popularmachanics.com *.random.popularmachanics.com

pras.us *.pras.us

royalcarribbian.com *.royalcarribbian.com

rusgazetanovosti24.online *.rusgazetanovosti24.online

srpcb.com *.srpcb.com

uukuialial.cyou *.uukuialial.cyou

veresandals.com *.veresandals.com *.webmail.veresandals.com

waitingforbieber.com *.waitingforbieber.com

*.dea.wheelsofusa.com wheelsofusa.com *.wheelsofusa.com

whiois.com *.whiois.com