SSL Certificate Analysis for random.instantdiagnostic.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=medicinetreatments.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

March 21, 2026

Valid Until

June 19, 2026 30 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

31:FA:2C:AF:3F:E0:E6:CF:2B:B5:1A:33:89:93:2D:FF:B3:ED:12:05:21:EE:66:3F:2F:B5:2D:50:B6:B0:39:3F

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

instantdiagnostic.com *.instantdiagnostic.com *.fs.instantdiagnostic.com *.mail.instantdiagnostic.com

Other domains in certificate

allam2.com *.allam2.com *.ws.allam2.com *.ww25.allam2.com

*.alguma.chanse.com *.api.chanse.com *.calendar.chanse.com chanse.com *.chanse.com *.chaseonline.chanse.com *.dale.chanse.com *.exchange.chanse.com *.ildcard.chanse.com *.k8s-hana.chanse.com *.kf.chanse.com *.monitor.chanse.com *.shop.chanse.com *.tenho.chanse.com *.testing.chanse.com *.track.chanse.com *.uma.chanse.com *.website.chanse.com

medicinetreatments.com *.medicinetreatments.com

*.beta.melvinsmechanicalmasterworks.com melvinsmechanicalmasterworks.com *.melvinsmechanicalmasterworks.com *.portal.melvinsmechanicalmasterworks.com *.superset.melvinsmechanicalmasterworks.com

*.bibus.miroito.com *.dloyf.miroito.com *.emjgy.miroito.com *.fmomd.miroito.com *.fstls.miroito.com *.geaon.miroito.com *.hxidd.miroito.com *.ltmfp.miroito.com *.ltzmd.miroito.com *.mail.miroito.com miroito.com *.miroito.com *.mptjy.miroito.com *.wbbtn.miroito.com *.wryqc.miroito.com

mysterywin512.info *.mysterywin512.info

newsfinderworks.com *.newsfinderworks.com

novaarcade579.top *.novaarcade579.top

*.bbs.okongo.com *.crm.okongo.com okongo.com *.okongo.com *.secure.okongo.com *.software.okongo.com *.test.okongo.com *.users.okongo.com

online-dating-app-mb4.click *.online-dating-app-mb4.click

osepic.com *.osepic.com

*.admin.pm-02.com *.api.pm-02.com *.gadkmapp.pm-02.com *.m.pm-02.com pm-02.com *.pm-02.com *.portal.pm-02.com *.probiller.pm-02.com *.shop.pm-02.com

*.113.sichirurgia.org *.116.sichirurgia.org *.portale.sichirurgia.org sichirurgia.org *.sichirurgia.org

*.hostmaster.tamyia.de tamyia.de *.tamyia.de *.ww1.tamyia.de *.ww38.tamyia.de

*.m.themoviemagic.com themoviemagic.com *.themoviemagic.com *.vpn.themoviemagic.com