SSL Certificate Analysis for sun9-77.userapi.co - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=uniontecnica.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

December 06, 2025

Valid Until

March 06, 2026 30 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EC:57:E2:2A:5D:0B:5E:F1:18:96:5C:22:4E:64:B1:F6:7D:1A:8A:BA:BD:2C:82:93:39:BC:21:E0:07:52:16:DE

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

userapi.co *.userapi.co *.dataix-by-minsk.userapi.co *.goo.userapi.co *.sun6-20.userapi.co *.sun6-23.userapi.co *.sun9-47.userapi.co *.sun9-5.userapi.co *.sun9-7.userapi.co *.sun9-77.userapi.co

Other domains in certificate

boda.digital *.boda.digital *.de.boda.digital *.webmail.boda.digital

borde.me *.borde.me *.ww25.borde.me

cheatcs.space *.cheatcs.space

cr18hbkj.com *.cr18hbkj.com *.ona.cr18hbkj.com

*.cdn.crypnode.io *.cpanel.crypnode.io crypnode.io *.crypnode.io *.hostmaster.crypnode.io *.mail.crypnode.io *.server.crypnode.io *.webdisk.crypnode.io *.webmail.crypnode.io *.ww38.crypnode.io *.www.crypnode.io

*.autodiscover.diningpla.net *.cpanel.diningpla.net *.cpcalendars.diningpla.net *.cpcontacts.diningpla.net diningpla.net *.diningpla.net *.mail.diningpla.net *.random.diningpla.net *.webdisk.diningpla.net *.webmail.diningpla.net *.www.diningpla.net

*.api.edificandovidas.online edificandovidas.online *.edificandovidas.online *.ww38.edificandovidas.online

getwptips.com *.getwptips.com *.hostmaster.getwptips.com *.sitemap.getwptips.com *.www.getwptips.com

*.39573.gsseo-pct.com *.44396.gsseo-pct.com *.688761.gsseo-pct.com gsseo-pct.com *.gsseo-pct.com

impextrom.co *.impextrom.co

*.apply.indeedc.com *.canary.indeedc.com *.ildcard.indeedc.com indeedc.com *.indeedc.com *.ioww16.indeedc.com *.pipeline.indeedc.com *.statics.indeedc.com *.ww17.indeedc.com

newexperiencewrestling.co *.newexperiencewrestling.co

*.demo.ppmconnect.com.au ppmconnect.com.au *.ppmconnect.com.au *.ww38.ppmconnect.com.au

*.alpha.sexy.photo *.apani.sexy.photo *.apni.sexy.photo *.bhabhi.sexy.photo *.chaine.sexy.photo *.qureshy.sexy.photo sexy.photo *.sexy.photo

*.ffffffffffff.uniontecnica.com *.members.uniontecnica.com uniontecnica.com *.uniontecnica.com

*.ww25.zylotweaks.com zylotweaks.com *.zylotweaks.com