SSL Certificate Analysis for web.d10d.pro - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=f1adc.com

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 03, 2026

Valid Until

September 01, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2E:5A:65:F0:91:5E:9B:FE:4F:FB:E4:5C:3A:A4:44:21:90:D0:A3:2B:5A:6B:B5:DB:6B:BB:43:9A:15:31:2E:07

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

d10d.pro *.d10d.pro *.8ak1mf.d10d.pro *.mail.d10d.pro *.mailer.d10d.pro

Other domains in certificate

25819.my *.25819.my

2732x.xyz *.2732x.xyz

27550501.vip *.27550501.vip

33912.co *.33912.co

52994.my *.52994.my

5c58.cc *.5c58.cc

62474.my *.62474.my

7nyjwa.cc *.7nyjwa.cc

8359485.cc *.8359485.cc

877772jj.cc *.877772jj.cc

91839.my *.91839.my

933002.co *.933002.co

an99.foo *.an99.foo *.demo.an99.foo *.go67wc.an99.foo *.test.an99.foo *.www.an99.foo

axelliantdealflow.com *.axelliantdealflow.com

axelliantitcare.com *.axelliantitcare.com

azeye.info *.azeye.info

bettertechnology24.online *.bettertechnology24.online

bnanny.com *.bnanny.com

briskish.com *.briskish.com

by3tqp.xyz *.by3tqp.xyz

cartonic.online *.cartonic.online

cayyx.cc *.cayyx.cc

cogil168bucharest.xyz *.cogil168bucharest.xyz

collodiochloride.com *.collodiochloride.com

colossal-corretagem.info *.colossal-corretagem.info

com16644.xyz *.com16644.xyz

comprasegurapay.cyou *.comprasegurapay.cyou

comprasegurapay.xyz *.comprasegurapay.xyz

*.egypte.f1adc.com f1adc.com *.f1adc.com

fashionthemes.com *.fashionthemes.com *.test.fashionthemes.com

ngryman.sh *.ngryman.sh *.ufa.ngryman.sh

*.assets.nyxe.tech nyxe.tech *.nyxe.tech

tradeofre.com *.tradeofre.com

*.onlineww38.usps-tracking.online usps-tracking.online *.usps-tracking.online *.www.usps-tracking.online

vegashouse.xyz *.vegashouse.xyz

whitening-toothpaste-usa.site *.whitening-toothpaste-usa.site

*.sitemaps.xali.org xali.org *.xali.org