SSL Certificate Analysis for rustore.lukmall.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=050158.lol

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 24, 2026

Valid Until

August 22, 2026 68 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

CA:35:C0:F4:FA:2E:72:8D:D0:15:32:5D:2D:DC:78:DA:01:4A:AD:56:30:50:9B:62:C2:CB:69:10:57:17:FA:E2

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

lukmall.com *.lukmall.com

Other domains in certificate

050158.lol *.050158.lol

117722jj.cc *.117722jj.cc

220224.lol *.220224.lol

378827.lol *.378827.lol

4-immigration-lawyer-1.click *.4-immigration-lawyer-1.click

55906303.top *.55906303.top

5ckklayw.xyz *.5ckklayw.xyz

633837.lol *.633837.lol

77625vv.cc *.77625vv.cc

828496.lol *.828496.lol

85348462.top *.85348462.top

89900.my *.89900.my

92285.blog *.92285.blog

961971.my *.961971.my

ahaqa8.cyou *.ahaqa8.cyou

aku89panel.org *.aku89panel.org

arrigonigrandicucine.com *.arrigonigrandicucine.com

art-for-sale-factor-920.sbs *.art-for-sale-factor-920.sbs

asksecret.com *.asksecret.com

benameiran3.com *.benameiran3.com

bo-keren.cool *.bo-keren.cool

boxplay010.com *.boxplay010.com

cdbkd.cc *.cdbkd.cc

congtysangtaoviet.com *.congtysangtaoviet.com

creal.pro *.creal.pro

cskdkh.com *.cskdkh.com

dewagacorhoki.lat *.dewagacorhoki.lat

dubaislot3a.xyz *.dubaislot3a.xyz

efp.cc *.efp.cc

emp33again.xyz *.emp33again.xyz

etuuy8.com *.etuuy8.com

ezybet888v4.xyz *.ezybet888v4.xyz

fioelia.com *.fioelia.com

forwarddreamers.com *.forwarddreamers.com

fxz94rv2zc.net *.fxz94rv2zc.net

g6i1bwpygei6.com *.g6i1bwpygei6.com

galleriaelitegaragedoorservice.xyz *.galleriaelitegaragedoorservice.xyz

goldslot.vip *.goldslot.vip

gwgpem.sbs *.gwgpem.sbs

haijiao2024.cn *.haijiao2024.cn

hsvip.live *.hsvip.live

ikik-523-it.online *.ikik-523-it.online

innerrestore.info *.innerrestore.info

ku1119.com *.ku1119.com