SSL Certificate Analysis for tinnh.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=hackingedu.co

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 28, 2026

Valid Until

July 27, 2026 66 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C9:20:3E:62:DA:AD:06:E6:2E:26:4F:88:44:42:2C:EF:2A:C1:B2:E1:AD:1C:EB:BC:46:57:E4:96:E8:AE:B1:20

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

tinnh.com *.tinnh.com *.api.tinnh.com *.app.tinnh.com

Other domains in certificate

6fomo.com *.6fomo.com *.probiller.6fomo.com *.random.6fomo.com *.www.6fomo.com

*.2.csly.info *.6.csly.info csly.info *.csly.info

*.2015.hackingedu.co hackingedu.co *.hackingedu.co

*.1ca2ab68-e1eb-44c4-a529-b10d91b0f582.j-n444.info *.34a110b1-fe0b-4f6b-b1af-2b90a0f7f603.j-n444.info *.a.j-n444.info *.api.j-n444.info *.billing.j-n444.info *.cdc110bc-bd9c-49e8-922a-453c39176337.j-n444.info *.dev.j-n444.info *.hostmaster.j-n444.info j-n444.info *.j-n444.info *.members.j-n444.info *.membros.j-n444.info *.new.j-n444.info *.test.j-n444.info

*.734e0bcc-19ca-4b6e-8eb0-b6a6dc0d0d8b.nwol.co.uk *.admin.nwol.co.uk *.app.nwol.co.uk *.bi.nwol.co.uk *.boutique.nwol.co.uk *.cloud.nwol.co.uk *.demo.nwol.co.uk *.ebmail.nwol.co.uk *.ftp.nwol.co.uk *.git.nwol.co.uk *.gitlab.nwol.co.uk *.localhost.nwol.co.uk *.m.nwol.co.uk *.mail.nwol.co.uk *.mail2.nwol.co.uk *.notexistsftp.nwol.co.uk *.notexistsowa.nwol.co.uk *.notexistsweb.nwol.co.uk *.notexistswwww.nwol.co.uk nwol.co.uk *.nwol.co.uk *.order.nwol.co.uk *.owa.nwol.co.uk *.pop.nwol.co.uk *.rd.nwol.co.uk *.rds.nwol.co.uk *.rdweb.nwol.co.uk *.remote.nwol.co.uk *.smtp.nwol.co.uk *.smtp3.nwol.co.uk *.stats.nwol.co.uk *.superset.nwol.co.uk *.ts.nwol.co.uk *.vpn.nwol.co.uk *.web.nwol.co.uk *.webmail.nwol.co.uk *.www.nwol.co.uk *.wwww.nwol.co.uk

*.admin.thethirtysomethingbride.com *.m.thethirtysomethingbride.com thethirtysomethingbride.com *.thethirtysomethingbride.com

*.admin.yyhgdh.com *.app2.yyhgdh.com *.cgvztremoteapp2.yyhgdh.com *.cloud.yyhgdh.com *.krasnodar.yyhgdh.com *.m.yyhgdh.com *.rd.yyhgdh.com *.remoteapp2.yyhgdh.com *.ssl3.yyhgdh.com *.terminal2.yyhgdh.com yyhgdh.com *.yyhgdh.com

*.api.zombieknocksdoor3d.info *.app.zombieknocksdoor3d.info *.dev.zombieknocksdoor3d.info *.staging.zombieknocksdoor3d.info zombieknocksdoor3d.info *.zombieknocksdoor3d.info