SSL Certificate Analysis for ssitech.madebybd.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=madebybd.com

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 03, 2026

Valid Until

September 01, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A8:6C:2A:3D:19:CE:24:81:2C:39:98:A4:C5:EF:2D:D5:30:11:D8:22:41:0F:0C:DF:F2:6C:AB:24:CB:41:A6:84

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

madebybd.com *.madebybd.com *.b-d.madebybd.com *.blog.madebybd.com *.bluffcorps.madebybd.com *.cpcontacts.madebybd.com *.destroyingcancer.madebybd.com *.ipcameras.madebybd.com *.jazzfm.madebybd.com *.jazzfmpwa.madebybd.com *.opticaspectur7.madebybd.com *.petromax.madebybd.com *.pileto.madebybd.com *.real-things.madebybd.com *.ssitech.madebybd.com *.tbb-a.madebybd.com *.tbb-b.madebybd.com *.tbb-c.madebybd.com *.tbb-f.madebybd.com *.tbb-m.madebybd.com *.ww.madebybd.com *.www.madebybd.com

Other domains in certificate

1174jwm301.top *.1174jwm301.top *.4ab78fe730.1174jwm301.top

8462002.cc *.8462002.cc *.mx.8462002.cc *.wx.8462002.cc

*.admin.baael.com baael.com *.baael.com *.forecast.baael.com *.m.baael.com *.staging.baael.com *.test.baael.com

dkgj.net *.dkgj.net *.dtt.dkgj.net *.njxl9vz.dkgj.net *.portal.dkgj.net *.rencai.dkgj.net

*.com.equationofintelligence.com equationofintelligence.com *.equationofintelligence.com

fq66.vip *.fq66.vip *.m.fq66.vip

*.92fe10e2-28fa-491f-8433-5d747c33f5c2.petraxp.info *.a.petraxp.info *.admin.petraxp.info *.api.petraxp.info *.app.petraxp.info *.assets.petraxp.info *.backup.petraxp.info *.c07b6297-d7cf-42c7-8d4e-078b9cc742b8.petraxp.info *.demo.petraxp.info *.hyrkfassets.petraxp.info *.jv3zjt.petraxp.info *.members.petraxp.info petraxp.info *.petraxp.info *.pgoptstaging.petraxp.info *.staging.petraxp.info *.test.petraxp.info *.uat.petraxp.info *.www.petraxp.info

*.admin.prowler.it *.app.prowler.it *.autodiscover.prowler.it *.backend.prowler.it *.dashs.prowler.it *.demo.prowler.it *.dev.prowler.it *.forecast.prowler.it prowler.it *.prowler.it *.redash.prowler.it *.remote.prowler.it *.research.prowler.it *.superset.prowler.it *.webdisk.prowler.it

*.app.start-up.city start-up.city *.start-up.city

*.api.vot3s.com *.app.vot3s.com *.ebay.vot3s.com vot3s.com *.vot3s.com