SSL Certificate Analysis for bajar.io - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=bopte.com

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 12, 2026

Valid Until

September 10, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

07:F9:B4:0D:D9:F3:6A:D1:07:78:AD:72:B6:97:26:DF:1B:5B:C7:4D:87:03:4D:E7:E7:B3:37:87:49:3E:85:C3

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bajar.io *.bajar.io *.nirala.bajar.io *.ww25.bajar.io

Other domains in certificate

02myw.pro *.02myw.pro *.cj.02myw.pro

21117.club *.21117.club

*.6-idiots.al-ibtikar.com *.admin.al-ibtikar.com al-ibtikar.com *.al-ibtikar.com *.api.al-ibtikar.com *.dev.al-ibtikar.com *.dma.al-ibtikar.com *.home.al-ibtikar.com *.intranet.al-ibtikar.com *.m.al-ibtikar.com *.nutan.al-ibtikar.com *.portal.al-ibtikar.com *.prayash.al-ibtikar.com *.remote.al-ibtikar.com *.shreeja.al-ibtikar.com *.shreejasms.al-ibtikar.com *.smsshreeja.al-ibtikar.com *.store.al-ibtikar.com *.sungava.al-ibtikar.com *.wwww.al-ibtikar.com

artdaycare.com *.artdaycare.com *.test.artdaycare.com

barenakedwoodcompany.com *.barenakedwoodcompany.com *.mail.barenakedwoodcompany.com *.sitemaps.barenakedwoodcompany.com *.ww99.barenakedwoodcompany.com *.www.barenakedwoodcompany.com

bopte.com *.bopte.com *.cpcontacts.bopte.com

*.boutique.buybestessay-online.com buybestessay-online.com *.buybestessay-online.com *.hostmaster.buybestessay-online.com *.mail.buybestessay-online.com

dvfkq.club *.dvfkq.club

iuuyeskios.sbs *.iuuyeskios.sbs

*.demo.mattsoffroadrecover.com mattsoffroadrecover.com *.mattsoffroadrecover.com *.www.mattsoffroadrecover.com

*.autodiscover.shoptogheter.it *.cpanel.shoptogheter.it *.cpcalendars.shoptogheter.it *.cpcontacts.shoptogheter.it *.hostmaster.shoptogheter.it *.mail.shoptogheter.it shoptogheter.it *.shoptogheter.it *.webdisk.shoptogheter.it *.webmail.shoptogheter.it *.www.shoptogheter.it

souqsat.com *.souqsat.com *.ww38.souqsat.com

*.random.upw.au upw.au *.upw.au *.wildcard.upw.au

usenlphq.top *.usenlphq.top

*.1.walmartapply.com *.a.walmartapply.com *.random.walmartapply.com *.vmi.walmartapply.com walmartapply.com *.walmartapply.com *.ww1.walmartapply.com *.ww16.walmartapply.com *.ww25.walmartapply.com *.ww38.walmartapply.com

wwwnba25.vip *.wwwnba25.vip

xhcyx.cc *.xhcyx.cc

xn--g2xt3dx3b.com *.xn--g2xt3dx3b.com