SSL Certificate Analysis for bmail.verifysecuritycheck.info - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=takaraya.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 16, 2026

Valid Until

July 15, 2026 61 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

1B:58:D6:BD:E5:CC:B7:53:E5:C9:E6:52:D7:B6:4D:76:33:A7:E7:B5:6E:F5:6A:45:0E:18:CC:3B:D7:9F:24:C8

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

verifysecuritycheck.info *.verifysecuritycheck.info *.api.verifysecuritycheck.info *.bmail.verifysecuritycheck.info *.dolibarr.verifysecuritycheck.info *.rver.verifysecuritycheck.info *.site.verifysecuritycheck.info

Other domains in certificate

afadaong.org *.afadaong.org *.ww38.afadaong.org

bwee.com *.bwee.com *.pl2.bwee.com

capitalgeoup.com *.capitalgeoup.com

duksters.com *.duksters.com

*.cpanel.fmovies.in fmovies.in *.fmovies.in *.goto.fmovies.in *.random.fmovies.in *.superset.fmovies.in *.ww11.fmovies.in *.ww25.fmovies.in *.ww38.fmovies.in

*.9faf8ce5-fc0e-4564-9cfd-790d65b7eb60.gotclots.com *.a.gotclots.com *.admin.gotclots.com *.api.gotclots.com *.app.gotclots.com *.assets.gotclots.com *.dev.gotclots.com *.fnikbhmg.gotclots.com *.ftp.gotclots.com gotclots.com *.gotclots.com *.hostmaster.gotclots.com *.imap.gotclots.com *.m.gotclots.com *.mail.gotclots.com *.pop.gotclots.com *.preipaverogyvutadmin.gotclots.com *.pro.gotclots.com *.sign.gotclots.com *.web2.gotclots.com

*.ht.kiss.cm *.insight.kiss.cm kiss.cm *.kiss.cm *.okta.kiss.cm *.wildcard.kiss.cm *.ww16.kiss.cm *.ww25.kiss.cm *.ww38.kiss.cm

mediodebito.it *.mediodebito.it

*.a.meribhavyalife.info meribhavyalife.info *.meribhavyalife.info

*.autodiscover.orangecountywebsitedesign.com *.ccpanel.orangecountywebsitedesign.com orangecountywebsitedesign.com *.orangecountywebsitedesign.com *.website.orangecountywebsitedesign.com *.ww38.orangecountywebsitedesign.com *.yoonhiautodiscover.orangecountywebsitedesign.com

potation.com *.potation.com

protocoltrade.com *.protocoltrade.com

startformation.com *.startformation.com *.www.startformation.com

takaraya.com *.takaraya.com *.victoria.takaraya.com

vinylwrapping.com.au *.vinylwrapping.com.au

*.booksearch.waidev2.com *.carltonbooks.waidev2.com *.library.waidev2.com *.veerni.waidev2.com waidev2.com *.waidev2.com *.www.waidev2.com

websitereview.com.au *.websitereview.com.au

youtubee.com *.youtubee.com