SSL Certificate Analysis for spamguard.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=positivepliers.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 27, 2026

Valid Until

July 26, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

94:6C:24:CC:97:E7:CB:C7:D4:E4:D6:75:21:3C:00:C2:53:F1:3E:BA:95:1E:06:FE:C9:90:C7:A8:8C:89:54:F8

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

spamguard.com *.spamguard.com *.ru.spamguard.com

Other domains in certificate

*.2018.a48579316.top a48579316.top *.a48579316.top

agadez.com *.agadez.com *.bbchausa.agadez.com

attractiveboy.com *.attractiveboy.com *.dev.attractiveboy.com *.m.attractiveboy.com *.mail.attractiveboy.com

cimol88rtp.xyz *.cimol88rtp.xyz

*.admin.epremiuminsirance.com *.alumni.epremiuminsirance.com *.cloud.epremiuminsirance.com epremiuminsirance.com *.epremiuminsirance.com *.random.epremiuminsirance.com *.wap.epremiuminsirance.com *.webmail.epremiuminsirance.com *.www.epremiuminsirance.com

*.bbs.islam24.info islam24.info *.islam24.info *.random.islam24.info *.wildcard.islam24.info *.www.islam24.info

jcp.au *.jcp.au

*.api.kuca.it *.dashboards.kuca.it kuca.it *.kuca.it *.redash.kuca.it *.uat.kuca.it

*.email.nerobianco.it nerobianco.it *.nerobianco.it *.owa.nerobianco.it *.rds.nerobianco.it *.remote.nerobianco.it *.ssl.nerobianco.it

*.com.positivepliers.com *.cpcalendars.positivepliers.com *.mail.positivepliers.com positivepliers.com *.positivepliers.com *.webmail.positivepliers.com *.www.positivepliers.com

publicity.au *.publicity.au

*.4feb1c1a-f6ee-430b-be4c-b4bbfa7fedd9.ss35.xyz *.60.ss35.xyz *.art.ss35.xyz *.bsnfd.ss35.xyz *.bsuxc.ss35.xyz *.et6ku.ss35.xyz *.eu.ss35.xyz *.ffy.ss35.xyz *.jrgmg.ss35.xyz *.khl5j.ss35.xyz *.la.ss35.xyz *.lat.ss35.xyz *.lsj.ss35.xyz *.met.ss35.xyz *.mter.ss35.xyz *.q16tg.ss35.xyz *.qepm2.ss35.xyz *.sarzd.ss35.xyz ss35.xyz *.ss35.xyz *.uqvq7.ss35.xyz *.ww25.ss35.xyz *.ww38.ss35.xyz *.www.ss35.xyz *.xv35.ss35.xyz

*.lo.testporal.pl *.radomzse.testporal.pl *.sieka.testporal.pl testporal.pl *.testporal.pl

yah66.us *.yah66.us

*.jessiceshendymenservices.ze.net ze.net *.ze.net