SSL Certificate Analysis for bailon.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=asiakoch.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 05, 2026

Valid Until

May 06, 2026 79 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

E7:4D:8D:17:3F:85:2A:26:2A:07:AA:36:63:6A:2C:70:33:68:DE:00:E7:2D:41:68:6D:BC:91:AC:82:CA:10:E3

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

bailon.com *.bailon.com

Other domains in certificate

asiakoch.com *.asiakoch.com

backstreets.net *.backstreets.net

baillies.com *.baillies.com

baluta.com *.baluta.com

barokahjaya.com *.barokahjaya.com

barrabrava.com *.barrabrava.com

barwon.com *.barwon.com

bashakill.com *.bashakill.com

basicclothing.com *.basicclothing.com

batidora.com *.batidora.com

baymakservisi.com *.baymakservisi.com

*.autoconfig.bestbuyiptv.world bestbuyiptv.world *.bestbuyiptv.world *.cpcalendars.bestbuyiptv.world *.ww25.bestbuyiptv.world *.ww38.bestbuyiptv.world

geohoste.live *.geohoste.live

*.connect.ishika.com *.djoin.ishika.com ishika.com *.ishika.com *.remoto.ishika.com *.vpn2.ishika.com

*.account.microsoift.com *.accounts.microsoift.com *.activate.microsoift.com *.answers.microsoift.com *.demo.microsoift.com *.dotnet.microsoift.com *.exp.microsoift.com *.fabric.microsoift.com *.go.microsoift.com *.help.microsoift.com *.hostmaster.microsoift.com *.intune.microsoift.com *.learn.microsoift.com *.manage.microsoift.com microsoift.com *.microsoift.com *.mp.microsoift.com *.msdn.microsoift.com *.myaccount.microsoift.com *.portal.microsoift.com *.serviceshub.microsoift.com *.sls.microsoift.com *.smartscreen.microsoift.com *.support.microsoift.com *.teams.microsoift.com *.technet.microsoift.com *.wvd.microsoift.com *.ww25.microsoift.com *.wwww.microsoift.com

nayemkhan.xyz *.nayemkhan.xyz *.ww25.nayemkhan.xyz

*.blog.outrolado.com outrolado.com *.outrolado.com

*.comune.playcrotxxx.click playcrotxxx.click *.playcrotxxx.click *.us.playcrotxxx.click *.us9.playcrotxxx.click *.vvip1.playcrotxxx.click *.wp.playcrotxxx.click

*.backend.shimamurakun.net shimamurakun.net *.shimamurakun.net *.staging.shimamurakun.net

*.hostmaster.spectrombusiness.net spectrombusiness.net *.spectrombusiness.net *.wildcard.spectrombusiness.net *.ww38.spectrombusiness.net