SSL Certificate Analysis for rxsun.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=bad-heizung-schwerte.de

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

March 28, 2026

Valid Until

June 26, 2026 43 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

87:C6:5C:AC:DA:C8:AC:BF:E8:0B:D1:55:BB:E9:63:E4:3E:04:7B:51:F9:EB:20:CA:D6:6A:53:72:95:8C:17:75

Alternative Names

87 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

87 domains

rxsun.net *.rxsun.net

Other domains in certificate

aipromtengineer.com *.aipromtengineer.com

amateti.cz *.amateti.cz *.pornuj.amateti.cz

angelescenarriaga.es *.angelescenarriaga.es

bad-heizung-schwerte.de *.bad-heizung-schwerte.de

bermejo.net *.bermejo.net

brightspace.au *.brightspace.au

by25333.com *.by25333.com

calgonstore.com *.calgonstore.com

camerastores.com.au *.camerastores.com.au

coaldelivery.com *.coaldelivery.com *.ww35.coaldelivery.com

czechmassag.com *.czechmassag.com

divinetouchproject.com *.divinetouchproject.com

elected.au *.elected.au

handy-handys24.de *.handy-handys24.de

jgq.com.au *.jgq.com.au

localleaks.com.au *.localleaks.com.au

maceyjobs.com *.maceyjobs.com

mackinac2015.com *.mackinac2015.com

naija2movies.com *.naija2movies.com *.series.naija2movies.com

pantrymate.com.au *.pantrymate.com.au

perthmotel.com.au *.perthmotel.com.au

plussizeclothing.com.au *.plussizeclothing.com.au

proteinpowders.com.au *.proteinpowders.com.au

pubicmanscaping.com *.pubicmanscaping.com

rowingframe.com *.rowingframe.com

royalboyz.com *.royalboyz.com

rubuki.com *.rubuki.com

rwq.com.au *.rwq.com.au

saju90.com *.saju90.com

*.random.scstateparks.com scstateparks.com *.scstateparks.com

southernwhiskey.com.au *.southernwhiskey.com.au

svc3.com *.svc3.com

tacomakickboxingacademy.com *.tacomakickboxingacademy.com

teerstuhl.de *.teerstuhl.de

theclimbingtree.co.uk *.theclimbingtree.co.uk *.ww38.theclimbingtree.co.uk

thephysicsavairy.com *.thephysicsavairy.com

veryhardalgebra.com *.veryhardalgebra.com

worldtarhiphop.com *.worldtarhiphop.com

y6b.org *.y6b.org

yetcost.de *.yetcost.de