SSL Certificate Analysis for arangam.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=appoll.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 05, 2026

Valid Until

May 06, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

06:F1:71:37:73:D2:5B:6A:7D:BE:36:52:1E:8A:A8:99:88:8A:F5:94:A3:30:EE:C6:D2:12:87:7E:4C:A0:3C:0C

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

arangam.com *.arangam.com

Other domains in certificate

akwam.us *.akwam.us *.eg.akwam.us *.to.akwam.us *.web-dl.akwam.us *.ww25.akwam.us

amberfields.com *.amberfields.com

appoll.com *.appoll.com

arbitragem.com *.arbitragem.com

arlatuottajat.com *.arlatuottajat.com

*.api.cadilar.com cadilar.com *.cadilar.com *.portal.cadilar.com *.remote.cadilar.com *.ssl.cadilar.com *.sslvpn.cadilar.com *.ww17.cadilar.com *.ww25.cadilar.com

ementa.com *.ementa.com *.help.ementa.com *.ww5.ementa.com

*.analytic-prod.eyeq.bot *.app.eyeq.bot eyeq.bot *.eyeq.bot

*.correo.guardpro-vpn.info guardpro-vpn.info *.guardpro-vpn.info

*.help.koganemochi.com koganemochi.com *.koganemochi.com

*.de.koyla.io koyla.io *.koyla.io

*.help.kyoukasho.com kyoukasho.com *.kyoukasho.com

*.a1.link-vioslot-antinawala.site *.akunvip.link-vioslot-antinawala.site *.daftar.link-vioslot-antinawala.site *.dana.link-vioslot-antinawala.site *.jackpot.link-vioslot-antinawala.site link-vioslot-antinawala.site *.link-vioslot-antinawala.site *.login.link-vioslot-antinawala.site *.pg.link-vioslot-antinawala.site *.pragmatic.link-vioslot-antinawala.site *.ungu1.link-vioslot-antinawala.site *.untungvioslot.link-vioslot-antinawala.site *.www.link-vioslot-antinawala.site

*.help.muraoka.com *.hostmaster.muraoka.com muraoka.com *.muraoka.com

*.manager-open.sepay.xyz sepay.xyz *.sepay.xyz *.t-member.sepay.xyz

*.mjkcqww38.sportsvisor.com *.sitemap.sportsvisor.com sportsvisor.com *.sportsvisor.com

*.hostmaster.tenlit.com *.random.tenlit.com tenlit.com *.tenlit.com

universallifechurch.com *.universallifechurch.com *.www.universallifechurch.com

*.hu.uu2023.com *.hyqx.uu2023.com *.sdc.uu2023.com *.txws.uu2023.com uu2023.com *.uu2023.com *.website.uu2023.com *.yl.uu2023.com *.yz.uu2023.com

watchingstream.site *.watchingstream.site

yukashe.site *.yukashe.site