SSL Certificate Analysis for bbs.imsb.pro - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=wclick.space

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

December 31, 2025

Valid Until

March 31, 2026 73 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B5:84:96:EB:D9:AC:F3:EE:EE:11:E2:25:F5:8B:52:58:A0:F0:F2:8F:00:F2:8E:58:68:CC:9C:0B:F7:0B:B6:5F

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

imsb.pro *.imsb.pro *.bbs.imsb.pro *.x-rn-ca.imsb.pro *.x-vultr-sgp.imsb.pro

Other domains in certificate

26xx9.xyz *.26xx9.xyz *.eappdev0.26xx9.xyz *.pgt01.26xx9.xyz *.stage.26xx9.xyz *.stg.26xx9.xyz *.toyota.26xx9.xyz *.videohulp.26xx9.xyz *.vsm.26xx9.xyz *.ww25.26xx9.xyz

accountformula1.com *.accountformula1.com *.remote.accountformula1.com

anfieldaccommodation.co.uk *.anfieldaccommodation.co.uk

bhphovideo.com *.bhphovideo.com

citizenswatches.com *.citizenswatches.com *.directory.citizenswatches.com *.m.citizenswatches.com *.mailin.citizenswatches.com *.ww16.citizenswatches.com *.ww38.citizenswatches.com

clover-health-centre.co.uk *.clover-health-centre.co.uk

colorprinters.com.au *.colorprinters.com.au

compuzero.com *.compuzero.com

dduniversity.in *.dduniversity.in *.ftp.dduniversity.in *.mail.dduniversity.in *.pg.dduniversity.in

fassi.live *.fassi.live *.www.fassi.live

gestaofinanceira.com.br *.gestaofinanceira.com.br *.ww16.gestaofinanceira.com.br

gypsyfalls.com.au *.gypsyfalls.com.au

kareem.pw *.kareem.pw *.review.kareem.pw *.rosesmile.kareem.pw *.taif.kareem.pw *.united.kareem.pw

memesoundfx.com *.memesoundfx.com

*.backup.poemon.com poemon.com *.poemon.com *.ub.poemon.com *.ww.poemon.com

redtrastero.net *.redtrastero.net

snapzzz.cc *.snapzzz.cc *.wildcard.snapzzz.cc *.ww2.snapzzz.cc *.ww38.snapzzz.cc *.www.snapzzz.cc *.wwww.snapzzz.cc

tanbur.co.uk *.tanbur.co.uk

*.bb.thesistersrestaurant.com *.chat.thesistersrestaurant.com thesistersrestaurant.com *.thesistersrestaurant.com *.ww16.thesistersrestaurant.com *.ww17.thesistersrestaurant.com *.ww38.thesistersrestaurant.com

versusairlines.net *.versusairlines.net

wclick.space *.wclick.space

websitedesignheidelberg.com.au *.websitedesignheidelberg.com.au

*.api.wwwvisible.com *.hostmaster.wwwvisible.com *.local.wwwvisible.com wwwvisible.com *.wwwvisible.com