SSL Certificate Analysis for secure.getnuf.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=penina.studio

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 25, 2026

Valid Until

July 24, 2026 68 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EA:D5:6E:9B:6A:D6:45:F8:15:A7:1E:F7:9E:DF:5A:A4:6E:1E:8E:A6:0E:27:11:EE:62:2F:01:B5:CD:F0:60:2E

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

getnuf.com *.getnuf.com *.backup.getnuf.com *.rdweb.getnuf.com

Other domains in certificate

43006.cc *.43006.cc *.sitemap.43006.cc *.www.43006.cc

avei.me *.avei.me *.bad.avei.me *.www.avei.me

bedpge.com *.bedpge.com *.bi.bedpge.com *.houston.bedpge.com *.manhattan.bedpge.com *.report.bedpge.com *.ww25.bedpge.com *.ww38.bedpge.com

*.blog.caixainstagram.com caixainstagram.com *.caixainstagram.com *.wp.caixainstagram.com

*.autodiscover.cbb.bio cbb.bio *.cbb.bio

ceptekidunya.com *.ceptekidunya.com

cheercocktail.co *.cheercocktail.co

cottagesat220.com *.cottagesat220.com *.www.cottagesat220.com

*.api.dengxiaoping.org *.app.dengxiaoping.org dengxiaoping.org *.dengxiaoping.org

*.1yme1.dur63bvwdy.xyz *.5vs9r.dur63bvwdy.xyz dur63bvwdy.xyz *.dur63bvwdy.xyz *.igqlc.dur63bvwdy.xyz *.ip4i2.dur63bvwdy.xyz *.kac0t.dur63bvwdy.xyz *.lkzdx.dur63bvwdy.xyz *.ques8.dur63bvwdy.xyz

*.3ugcn.dw7vy6fm6k.xyz *.8joac.dw7vy6fm6k.xyz dw7vy6fm6k.xyz *.dw7vy6fm6k.xyz

*.com.himbank.com himbank.com *.himbank.com *.net.himbank.com *.org.himbank.com

kokka1688.bet *.kokka1688.bet *.www.kokka1688.bet

leaksfans.xyz *.leaksfans.xyz

lostminig.com *.lostminig.com

*.apps.makingdocs.com *.hostmaster.makingdocs.com *.m.makingdocs.com makingdocs.com *.makingdocs.com *.redash.makingdocs.com

manhwaread.co *.manhwaread.co

olaveri.com *.olaveri.com

penina.studio *.penina.studio

skincarekingdom.com *.skincarekingdom.com

smartbuyglasses.co *.smartbuyglasses.co

tiktok-voice-generator.com *.tiktok-voice-generator.com *.ww38.tiktok-voice-generator.com

*.rustore.webguideseattle.com webguideseattle.com *.webguideseattle.com *.www.webguideseattle.com *.wwww.webguideseattle.com

*.sitemap.wwcp821.xyz wwcp821.xyz *.wwcp821.xyz