SSL Certificate Analysis for tabloidpl.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=211335.locker

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 30, 2026

Valid Until

April 30, 2026 65 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3A:C9:9C:D5:17:9A:46:F4:89:A2:F0:D8:52:27:C1:85:18:80:17:31:8A:16:22:70:3B:8D:08:3D:6E:36:BF:76

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

tabloidpl.com *.tabloidpl.com

Other domains in certificate

211335.locker *.211335.locker

30225673.com *.30225673.com

53606.mobi *.53606.mobi

6780.sx *.6780.sx

69926.loan *.69926.loan

89js51.top *.89js51.top

8q6ky8ew.top *.8q6ky8ew.top

902816.pizza *.902816.pizza

adult-chat.net *.adult-chat.net *.cpanel.adult-chat.net *.cpcalendars.adult-chat.net *.cpcontacts.adult-chat.net *.mail.adult-chat.net *.webdisk.adult-chat.net *.webmail.adult-chat.net *.www.adult-chat.net

landsearchsolutions.co.in *.landsearchsolutions.co.in nirdosh.co.in *.nirdosh.co.in

sim24h.com.vn *.sim24h.com.vn

emas168.app *.emas168.app

euvahlta.com *.euvahlta.com

fine-gambling.com *.fine-gambling.com

free-text.com *.free-text.com

herveg.org *.herveg.org

iosdknav.top *.iosdknav.top

kasroth.net *.kasroth.net

kolactis.com *.kolactis.com

kpkon.net *.kpkon.net

lhgfr.gdn *.lhgfr.gdn

nexusitsupport.org *.nexusitsupport.org

nfeelthepulse.com *.nfeelthepulse.com

seosolution.org.in *.seosolution.org.in

sandraambroseorg.com *.sandraambroseorg.com

securefiles.us *.securefiles.us

ssmtech.in *.ssmtech.in

tascelebrant.com.au *.tascelebrant.com.au

tayloryardg2.com *.tayloryardg2.com

td40453.cc *.td40453.cc

trytotalcommercial.com *.trytotalcommercial.com

wk8j6a2.top *.wk8j6a2.top

xn--15t04zh7ci86d.com *.xn--15t04zh7ci86d.com

xn--gwt191c.com *.xn--gwt191c.com

xn--sjq628c.com *.xn--sjq628c.com

xn--uist0o6oh.com *.xn--uist0o6oh.com

ydn42.top *.ydn42.top

ymybwh.net *.ymybwh.net

zsxjia.com *.zsxjia.com