SSL Certificate Analysis for susruta.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=changeyou.it

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

May 30, 2026

Valid Until

August 28, 2026 86 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

05:E7:F8:51:A6:40:C3:5B:ED:1A:6A:43:C6:02:B2:A7:62:75:22:8E:BC:95:FD:72:C3:AF:01:C2:95:F5:CA:BE

Alternative Names

75 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

75 domains

susruta.com *.susruta.com *.ww38.susruta.com

Other domains in certificate

acaoesaude.com *.acaoesaude.com *.library.acaoesaude.com *.server19.acaoesaude.com *.sps.acaoesaude.com *.test.acaoesaude.com

artifara.com *.artifara.com *.webmail.artifara.com *.ww16.artifara.com *.ww38.artifara.com

bbklr.org *.bbklr.org *.ci.bbklr.org *.ww16.bbklr.org *.ww25.bbklr.org

bjost.com *.bjost.com *.ffffffffffff.bjost.com

blox-code.net *.blox-code.net *.ww17.blox-code.net *.ww25.blox-code.net *.ww38.blox-code.net

centribenessereinpuglia.it *.centribenessereinpuglia.it

changeyou.it *.changeyou.it

copytemplate.com *.copytemplate.com

cruelmediatv.com *.cruelmediatv.com *.ww25.cruelmediatv.com *.ww38.cruelmediatv.com

cuckoldme.com *.cuckoldme.com *.prod-pipeline.cuckoldme.com

energiaxx.com *.energiaxx.com *.ww25.energiaxx.com

hammocks.com.au *.hammocks.com.au *.hostmaster.hammocks.com.au *.www.hammocks.com.au

hotelblogs.it *.hotelblogs.it

*.arpa-ip93.imitators.com *.emails.imitators.com imitators.com *.imitators.com *.quese.imitators.com *.wind.imitators.com

martininstitute.org *.martininstitute.org

michaelkprs.com *.michaelkprs.com *.ww25.michaelkprs.com *.ww38.michaelkprs.com

orangemaplewood.com *.orangemaplewood.com *.www.orangemaplewood.com

*.api.unspash.com *.plus.unspash.com *.source.unspash.com unspash.com *.unspash.com *.ww25.unspash.com

*.hostmaster.webrepair.it webrepair.it *.webrepair.it

xn--hh0b97d8is16e.com *.xn--hh0b97d8is16e.com