SSL Certificate Analysis for test-prep.live - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=17track.bet

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 07, 2026

Valid Until

May 08, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F4:CE:BB:3C:DA:C6:11:67:90:11:40:E7:72:E2:14:2A:E8:B2:88:8B:30:0A:73:79:4C:A7:9B:C7:93:6E:0C:44

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

test-prep.live *.test-prep.live

Other domains in certificate

17track.bet *.17track.bet *.admin.17track.bet *.api.17track.bet *.app.17track.bet *.blog.17track.bet

bbaiaide.com *.bbaiaide.com

beauifulmind.club *.beauifulmind.club *.ww25.beauifulmind.club

chat-lesbo.com *.chat-lesbo.com *.ftp.chat-lesbo.com *.random.chat-lesbo.com

foneerotico.com *.foneerotico.com *.m.foneerotico.com *.wiki.foneerotico.com *.ww17.foneerotico.com

kulak.net *.kulak.net

kyoiku-young.vip *.kyoiku-young.vip

laequidad.com *.laequidad.com

landowski.com *.landowski.com

laslunas.com *.laslunas.com

lawforprofit.com *.lawforprofit.com

laxar.com *.laxar.com

*.admin.laybbw.com laybbw.com *.laybbw.com *.otc.laybbw.com

lecavedelceppo.com *.lecavedelceppo.com

*.c48b3ca6a54f.ohanamama.com ohanamama.com *.ohanamama.com

rentproductsonline.com *.rentproductsonline.com *.www.rentproductsonline.com

rivilistsp.info *.rivilistsp.info *.ww38.rivilistsp.info

*.admin.royalneom.com *.api.royalneom.com *.cdn-test.royalneom.com *.checkout.royalneom.com *.checks.royalneom.com *.doc.royalneom.com *.healthcheck.royalneom.com *.img.royalneom.com *.intranet.royalneom.com *.pay.royalneom.com *.proof.royalneom.com royalneom.com *.royalneom.com *.shop.royalneom.com

*.anyconnect.sellens.com *.cisapp.sellens.com *.mail11.sellens.com *.ohx.sellens.com *.owa.sellens.com *.rds.sellens.com sellens.com *.sellens.com *.sitemaps.sellens.com *.ssl.sellens.com *.us.sellens.com *.vdi.sellens.com *.vpngate.sellens.com *.web6413.sellens.com *.ww17.sellens.com *.xapp.sellens.com

*.forum.statuslife.name statuslife.name *.statuslife.name

*.app.stocktonhomes.net *.demo.stocktonhomes.net stocktonhomes.net *.stocktonhomes.net

xn--i8sx2pn1bt3e6s2a.com *.xn--i8sx2pn1bt3e6s2a.com