SSL Certificate Analysis for test.biotonics.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=18243.loan

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 18, 2026

Valid Until

September 16, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AE:AF:AB:1C:80:57:B2:D0:3F:18:75:F4:47:19:C7:D4:3A:FF:C8:B2:C5:8F:23:2B:38:67:81:18:45:67:A6:56

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

biotonics.net *.biotonics.net

Other domains in certificate

10594.blog *.10594.blog

11566.click *.11566.click

18243.loan *.18243.loan

21523.my *.21523.my

21536.my *.21536.my

240a.cc *.240a.cc

24sewerservice-vjtd.click *.24sewerservice-vjtd.click

26013.my *.26013.my

26734.my *.26734.my

29196.click *.29196.click

29197.click *.29197.click

29208.click *.29208.click

293168.click *.293168.click

301d.cc *.301d.cc

345824.one *.345824.one

347383.co *.347383.co

351689.my *.351689.my

37499.my *.37499.my

37590.my *.37590.my

40123.my *.40123.my

406399.cc *.406399.cc

406411.cc *.406411.cc

408254.cc *.408254.cc

408283.cc *.408283.cc

42924.click *.42924.click

45126.my *.45126.my

470496.top *.470496.top

47147.my *.47147.my

508jfq.cyou *.508jfq.cyou

55270.my *.55270.my

72817.click *.72817.click

93158.my *.93158.my

cc9py.com *.cc9py.com

cf90037.cc *.cf90037.cc

ghypf.cn *.ghypf.cn

homestoragers.com *.homestoragers.com

hqqpy.org *.hqqpy.org

innovlearnup.com *.innovlearnup.com

plantbreeze.click *.plantbreeze.click

use-fasttrack.top *.use-fasttrack.top

www708.bet *.www708.bet

wwweee258.top *.wwweee258.top

xiekn.bid *.xiekn.bid

zzm6.live *.zzm6.live