SSL Certificate Analysis for api.bunyips.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=mycardhdfc.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 13, 2026

Valid Until

May 14, 2026 87 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D1:39:38:6A:A0:7A:73:C0:A9:7E:61:F3:E9:2D:7F:F3:65:81:F8:60:41:1F:D2:36:68:AE:BC:65:E6:BF:92:B3

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bunyips.com *.bunyips.com *.api.bunyips.com *.dev.bunyips.com *.mail.bunyips.com *.rustore.bunyips.com *.sitemaps.bunyips.com *.test.bunyips.com *.ww1.bunyips.com *.ww17.bunyips.com

Other domains in certificate

*.admin.alemanas.com alemanas.com *.alemanas.com *.api.alemanas.com *.auth.alemanas.com *.blog.alemanas.com *.ck02-b7c5dc7a03-a7630138.alemanas.com *.dev.alemanas.com *.hostmaster.alemanas.com *.m.alemanas.com *.mailserver.alemanas.com *.member.alemanas.com *.mta-sts.alemanas.com *.mx.alemanas.com *.pixels.alemanas.com *.relay.alemanas.com *.server.alemanas.com *.sitemap.alemanas.com *.sitemaps.alemanas.com *.staging.alemanas.com *.test.alemanas.com *.vpn.alemanas.com *.webmail.alemanas.com *.ww16.alemanas.com *.ww25.alemanas.com *.ww38.alemanas.com

*.api.atanos.com atanos.com *.atanos.com *.blog.atanos.com *.crm.atanos.com *.mail.atanos.com *.ww11.atanos.com *.ww16.atanos.com *.ww38.atanos.com

autobras.com *.autobras.com *.hostmaster.autobras.com *.m.autobras.com *.sitemap.autobras.com *.ww16.autobras.com *.ww17.autobras.com *.ww25.autobras.com

*.44545bc6-26a4-4efa-94a4-02ced6d7c9af.bilgets.com *.app.bilgets.com bilgets.com *.bilgets.com *.boutique.bilgets.com *.mta-sts.bilgets.com *.public.bilgets.com *.quiz.bilgets.com *.rd.bilgets.com *.rds.bilgets.com *.rdweb.bilgets.com *.web.bilgets.com

*.bpm.hiphoptshirts.com *.hd.hiphoptshirts.com hiphoptshirts.com *.hiphoptshirts.com

*.ai.metartafrica.com *.coin.metartafrica.com metartafrica.com *.metartafrica.com

mycardhdfc.com *.mycardhdfc.com *.ww1.mycardhdfc.com *.ww2.mycardhdfc.com

paneemclaimscon.org *.paneemclaimscon.org *.ww.paneemclaimscon.org

*.bbs.replaytvstreaming.com *.hostmaster.replaytvstreaming.com replaytvstreaming.com *.replaytvstreaming.com *.sitemap.replaytvstreaming.com *.wordpress.replaytvstreaming.com *.ww1.replaytvstreaming.com *.ww12.replaytvstreaming.com *.ww99.replaytvstreaming.com *.www.replaytvstreaming.com