SSL Certificate Analysis for user-claim.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=73664.blog

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 09, 2026

Valid Until

July 08, 2026 55 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7A:24:01:59:17:DB:41:88:E8:00:B6:F5:70:83:EA:55:FE:7C:F4:91:68:F6:A8:35:95:EB:3B:46:79:D2:E1:F5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

user-claim.com *.user-claim.com

Other domains in certificate

73664.blog *.73664.blog

74084.vip *.74084.vip

74690.pro *.74690.pro

75090.blog *.75090.blog

75289.bond *.75289.bond

75424.academy *.75424.academy

76524.equipment *.76524.equipment

76b9dcqqvw.sbs *.76b9dcqqvw.sbs

agenticcoupon.com *.agenticcoupon.com

agenticola.com *.agenticola.com

auroradigitalbanking.com *.auroradigitalbanking.com

axspo.art *.axspo.art

blumy.co *.blumy.co

businessoptions.com *.businessoptions.com

dk-furniture-c95d81d6.sbs *.dk-furniture-c95d81d6.sbs

driveexpress.app *.driveexpress.app

fnbanks.com *.fnbanks.com

gadgeteering.net *.gadgeteering.net

gdosf.ren *.gdosf.ren

greenhouse-jobs-0m3r9q5o0e9.sbs *.greenhouse-jobs-0m3r9q5o0e9.sbs

gvfuck.rip *.gvfuck.rip

hcomxgspon.xyz *.hcomxgspon.xyz

hdmaal.quest *.hdmaal.quest

highkeyshow.com *.highkeyshow.com

hipsteroski.co *.hipsteroski.co

hl61.co *.hl61.co

hl63.co *.hl63.co

howtodrawaeasy.com *.howtodrawaeasy.com

imunb.com *.imunb.com

incorporateinusa.org *.incorporateinusa.org

infiniteclick555.info *.infiniteclick555.info

inhhced.com *.inhhced.com

jobmatcher.co *.jobmatcher.co

qsrno.town *.qsrno.town

qttax1008.com *.qttax1008.com

qubelltic.com *.qubelltic.com

rivlyplatformnetwork.co *.rivlyplatformnetwork.co

sandt.co *.sandt.co

sidefree.com *.sidefree.com

stekarms.com *.stekarms.com

stonecreekhub.com *.stonecreekhub.com

suv-cars-in-affordable-price.sbs *.suv-cars-in-affordable-price.sbs

us-photography-software-iq-61.today *.us-photography-software-iq-61.today

wainscot.ca *.wainscot.ca