SSL Certificate Analysis for api.ganbarou.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=testsiegetr.de

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 11, 2026

Valid Until

May 12, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7F:18:1F:7A:65:4C:A6:C1:FA:B4:3D:4D:92:BE:6D:5A:B4:69:C0:4C:49:F8:A0:D7:37:6C:16:0E:50:F0:CB:7D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

ganbarou.com *.ganbarou.com *.api.ganbarou.com *.crm.ganbarou.com *.dev.ganbarou.com *.mail.ganbarou.com *.test.ganbarou.com *.ww16.ganbarou.com *.ww25.ganbarou.com

Other domains in certificate

29fng8vg.com *.29fng8vg.com *.ww38.29fng8vg.com

5354.au *.5354.au *.random.5354.au

altadefinizione01.homes *.altadefinizione01.homes

ampre.com.au *.ampre.com.au

beybuy.com *.beybuy.com *.ww38.beybuy.com

*.ecrew.flysubai.com flysubai.com *.flysubai.com *.ww25.flysubai.com

fuenf-zu-zwei-diaet.de *.fuenf-zu-zwei-diaet.de

golfnow.cm *.golfnow.cm *.random.golfnow.cm

*.alpha.invesging.com *.de.invesging.com invesging.com *.invesging.com *.superset.invesging.com

kotmail.de *.kotmail.de

lmx.com.au *.lmx.com.au

*.cg4o5.mapreason.top *.fu1fc.mapreason.top mapreason.top *.mapreason.top *.rczhl.mapreason.top

mode.net.au *.mode.net.au

*.g.nazarenoyoro.com nazarenoyoro.com *.nazarenoyoro.com *.ww25.nazarenoyoro.com

polycythaemia-vera.de *.polycythaemia-vera.de

prices.co.za *.prices.co.za

*.random.sierraproject.au sierraproject.au *.sierraproject.au

testsiegetr.de *.testsiegetr.de

*.admin.vanillavisa.co *.blog.vanillavisa.co *.emv1.vanillavisa.co *.forum.vanillavisa.co *.help.vanillavisa.co *.insight.vanillavisa.co *.old.vanillavisa.co vanillavisa.co *.vanillavisa.co *.ww.vanillavisa.co *.ww25.vanillavisa.co

vante.me *.vante.me

*.api.wystroeb5323.com *.random.wystroeb5323.com wystroeb5323.com *.wystroeb5323.com

xn--welches-homopathische-mittel-d2c.de *.xn--welches-homopathische-mittel-d2c.de

*.9dce863c-f4c6-49b2-857d-4ccb032c870a.zoubaine.com *.admin.zoubaine.com *.app.zoubaine.com *.assets.zoubaine.com *.backup.zoubaine.com *.cd94dd2d-e710-4e2a-9721-62bf5d23c2db.zoubaine.com *.jzpawcloud.zoubaine.com *.store.zoubaine.com *.vpn.zoubaine.com zoubaine.com *.zoubaine.com