SSL Certificate Analysis for zigum.one - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=brainrot-ai.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 17, 2026

Valid Until

August 15, 2026 85 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C8:31:34:E3:F9:0A:E6:1B:C6:40:7B:31:93:E6:59:4B:EE:6F:72:50:96:A6:09:9B:55:B8:49:81:30:16:42:BD

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

zigum.one *.zigum.one

Other domains in certificate

brainrot-ai.com *.brainrot-ai.com

c95ud.mom *.c95ud.mom

carem.io *.carem.io

dariusrudis.com *.dariusrudis.com

dicthindi.com *.dicthindi.com

disini-toto.com *.disini-toto.com

disini-toto.org *.disini-toto.org

disinitotoo.com *.disinitotoo.com

disinitotoo.org *.disinitotoo.org

dispute.chat *.dispute.chat

diyalottery.vip *.diyalottery.vip

dooox.com *.dooox.com

dq5v8kq.top *.dq5v8kq.top

eleme.xyz *.eleme.xyz

eqggd1q.top *.eqggd1q.top

er-support.com *.er-support.com

facebooknnail.com *.facebooknnail.com

fs112184.cc *.fs112184.cc

gonebyforce.com *.gonebyforce.com

gsj.my *.gsj.my

gthmbieobjajxbgxudco.com *.gthmbieobjajxbgxudco.com

hcnnunc.top *.hcnnunc.top

lucky7771.top *.lucky7771.top

lyrislaser.com *.lyrislaser.com

mainnetairdrop.com *.mainnetairdrop.com

moamo.vip *.moamo.vip

munitechmotorcars.com *.munitechmotorcars.com

mytoolstore.co.uk *.mytoolstore.co.uk

neomintelligence.com *.neomintelligence.com

pixeladventure53.top *.pixeladventure53.top

pixelthread.art *.pixelthread.art

reflectiveessayhelp.com *.reflectiveessayhelp.com

rox-casino-legal.top *.rox-casino-legal.top

scorewarrior788.info *.scorewarrior788.info

sex789.net *.sex789.net

win79slot.top *.win79slot.top

xn--9kqw1xewt.art *.xn--9kqw1xewt.art

xs117.com *.xs117.com

xs132.com *.xs132.com

xs477.com *.xs477.com

*.quan.xs617.com xs617.com *.xs617.com

xs622.com *.xs622.com

zx777.me *.zx777.me