SSL Certificate Analysis for scrobbler.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=technicznastrona.pl

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 05, 2026

Valid Until

May 06, 2026 85 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B2:C2:07:F0:53:D9:C3:6C:FF:EB:BD:86:C9:07:C6:C5:1B:0F:58:E9:9B:F3:1B:8B:5C:9A:13:15:A8:B6:35:1E

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

scrobbler.com *.scrobbler.com *.api.scrobbler.com *.app.scrobbler.com *.rss.scrobbler.com *.sitemaps.scrobbler.com *.staging.scrobbler.com *.test.scrobbler.com

Other domains in certificate

*.ahoi.brauser.io brauser.io *.brauser.io *.mirror.brauser.io *.status.brauser.io

digitalmaximus.com *.digitalmaximus.com *.git.digitalmaximus.com

discoceryplus.com *.discoceryplus.com *.www.discoceryplus.com

elma.au *.elma.au *.mailserver.elma.au

*.backup.endclothing.co *.ci.endclothing.co *.cicd.endclothing.co *.emails.endclothing.co endclothing.co *.endclothing.co *.hotfix.endclothing.co *.launches.endclothing.co *.mail.endclothing.co

*.autodiscover.glamorous.live *.bcrrdustxeicguaishzk.glamorous.live *.cpanel.glamorous.live glamorous.live *.glamorous.live *.hostmaster.glamorous.live *.webdisk.glamorous.live

iumj.com *.iumj.com *.owa.iumj.com

macvar3920.live *.macvar3920.live *.webdisk.macvar3920.live

*.cdn.mangabuddy.info *.img.mangabuddy.info mangabuddy.info *.mangabuddy.info

*.bbs.montreal.bio montreal.bio *.montreal.bio *.wildcard.montreal.bio

mukisa.com *.mukisa.com *.ug.mukisa.com

*.en.pickyguide.com pickyguide.com *.pickyguide.com *.www.pickyguide.com

*.casino.stakes24.com stakes24.com *.stakes24.com

*.api.swaroopch.info swaroopch.info *.swaroopch.info

technicznastrona.pl *.technicznastrona.pl

*.cas.tesla-group.com tesla-group.com *.tesla-group.com

*.f3b39cf4a5b4.thebl.news *.m.thebl.news thebl.news *.thebl.news

thehogarinfantil.org *.thehogarinfantil.org *.v1.thehogarinfantil.org

*.storage.volac.live volac.live *.volac.live *.yue.volac.live

*.admin.youngfirstimers.com *.api.youngfirstimers.com *.backend.youngfirstimers.com *.dashs.youngfirstimers.com *.v1.youngfirstimers.com *.wildcard.youngfirstimers.com *.ww38.youngfirstimers.com youngfirstimers.com *.youngfirstimers.com