SSL Certificate Analysis for bdsmtest.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=gmhba.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

December 28, 2025

Valid Until

March 28, 2026 35 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

E5:C3:15:C8:2E:99:6D:92:0A:B5:C0:46:29:F6:8F:A9:1F:A1:4F:8A:C0:08:D7:94:D9:32:9A:8D:32:8D:A2:1D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bdsmtest.net *.bdsmtest.net

Other domains in certificate

0123.com.au *.0123.com.au

abigails.xyz *.abigails.xyz

alleys.com.au *.alleys.com.au

arnavutkoybalikcisi.com *.arnavutkoybalikcisi.com

bgstore.store *.bgstore.store

bidurbanlab.com *.bidurbanlab.com *.ww38.bidurbanlab.com

bk99.lol *.bk99.lol

blushers.com.au *.blushers.com.au

booktoki316.com *.booktoki316.com

cirque.store *.cirque.store

cl176.com *.cl176.com

cl80c1.com *.cl80c1.com

clhb18.com *.clhb18.com

dobbs.au *.dobbs.au *.ww38.dobbs.au

dthot.com *.dthot.com

einmin.com *.einmin.com *.hostmaster.einmin.com

erafitness.store *.erafitness.store

ferdinand.au *.ferdinand.au *.random.ferdinand.au *.ww38.ferdinand.au

geomertyspot.com *.geomertyspot.com

*.com.gmhba.com gmhba.com *.gmhba.com *.jenkins.gmhba.com *.mail.gmhba.com *.random.gmhba.com *.ww38.gmhba.com

healthyteeth.au *.healthyteeth.au

howlarts.net *.howlarts.net

interfusion.com *.interfusion.com

iskrbt06.xyz *.iskrbt06.xyz

liteboats.com *.liteboats.com

martingaranger.com *.martingaranger.com

mathcoolgames.com *.mathcoolgames.com *.ww38.mathcoolgames.com

metrowear.store *.metrowear.store

michaelagwunobi.com *.michaelagwunobi.com *.preview.michaelagwunobi.com *.ww38.michaelagwunobi.com

odyi.com *.odyi.com

onlinebidding.com.au *.onlinebidding.com.au

parafraseo.org *.parafraseo.org

roundtechnology.xyz *.roundtechnology.xyz

soq.com.au *.soq.com.au *.ww38.soq.com.au

tisaete.com *.tisaete.com *.ww25.tisaete.com

*.random.xn--abokndigung-whb.de xn--abokndigung-whb.de *.xn--abokndigung-whb.de