SSL Certificate Analysis for comwww.ymfun.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=offshorefi.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 06, 2026

Valid Until

September 04, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C1:33:EE:7A:DD:40:9D:E9:65:72:B9:0B:09:F2:BA:6B:3A:60:3F:48:91:5E:F7:84:28:BC:BF:94:09:C4:A4:32

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

ymfun.com *.ymfun.com *.comwww.ymfun.com *.logs.ymfun.com *.m.ymfun.com *.mx1.ymfun.com *.mx2.ymfun.com

Other domains in certificate

00006.cc *.00006.cc *.xg.00006.cc

alluringwines.com *.alluringwines.com *.api.alluringwines.com *.app.alluringwines.com *.dev.alluringwines.com *.rd.alluringwines.com

artand.it *.artand.it *.staging.artand.it

av7777av.com *.av7777av.com *.com.av7777av.com

*.analytic.coprisella.com *.api.coprisella.com *.app.coprisella.com *.backend.coprisella.com coprisella.com *.coprisella.com *.demo.coprisella.com *.flow.coprisella.com *.notexistsmx.coprisella.com *.stats.coprisella.com

flamingling.com *.flamingling.com *.secure.flamingling.com

*.admin.jdmstaging.xyz *.com.jdmstaging.xyz *.d.jdmstaging.xyz jdmstaging.xyz *.jdmstaging.xyz *.secure.jdmstaging.xyz *.www.jdmstaging.xyz

labonita.com *.labonita.com *.onlyfans.labonita.com

*.b0ea4e4e-bc8b-41a6-88f6-41aaf01ebd0d.mitotioksong.com mitotioksong.com *.mitotioksong.com

offshorefi.com *.offshorefi.com *.www.offshorefi.com

saasdaddy.com *.saasdaddy.com

sharepointdan.com *.sharepointdan.com

smartknostic.com *.smartknostic.com

spiritsmile.com *.spiritsmile.com

superlviy.com *.superlviy.com

*.shop.tizarahmart.com tizarahmart.com *.tizarahmart.com

urbanladder.co *.urbanladder.co *.ww25.urbanladder.co

*.cpcontacts.voicemarket.net voicemarket.net *.voicemarket.net

*.cc.waforxste.cc *.com.waforxste.cc waforxste.cc *.waforxste.cc

*.wildcard.xn--jvrq14e4gf1st.com xn--jvrq14e4gf1st.com *.xn--jvrq14e4gf1st.com

*.merchant.zenpay.in *.pg.zenpay.in *.shop.zenpay.in *.sitemaps.zenpay.in *.www.zenpay.in zenpay.in *.zenpay.in

*.sanji.zhenghun360.com zhenghun360.com *.zhenghun360.com

*.com.zikoniapets.com zikoniapets.com *.zikoniapets.com