SSL Certificate Analysis for dev.vbrpl.io - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=elclubdelcambio.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 01, 2026

Valid Until

April 01, 2026 50 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FA:32:D4:F2:7C:7B:AE:28:C0:B5:9E:61:55:87:FE:16:2C:E6:56:EF:31:62:9F:F5:02:52:9C:A2:7D:9C:06:7B

Alternative Names

76 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

76 domains

vbrpl.io *.vbrpl.io *.dev.vbrpl.io *.qa.vbrpl.io *.ww38.vbrpl.io

Other domains in certificate

*.9xmovies.9xmovies.app 9xmovies.app *.9xmovies.app *.chart.9xmovies.app *.ww25.9xmovies.app *.ww38.9xmovies.app

buka824.top *.buka824.top

cipit777.co *.cipit777.co *.ww38.cipit777.co

*.comune.conslidated.com conslidated.com *.conslidated.com *.mx20.conslidated.com *.notion.conslidated.com *.pipeline.conslidated.com *.sandbox.conslidated.com *.saratov.conslidated.com *.server2.conslidated.com *.wordpress.conslidated.com

czzyhd.com *.czzyhd.com *.xn--www-un3ek45xglk.czzyhd.com

*.cuentas.elclubdelcambio.com elclubdelcambio.com *.elclubdelcambio.com *.iguazu.elclubdelcambio.com *.system.elclubdelcambio.com

fmovieszto.cc *.fmovieszto.cc *.sitemap.fmovieszto.cc *.sitemaps.fmovieszto.cc *.ww25.fmovieszto.cc

holistar.com *.holistar.com *.random.holistar.com

*.hostmaster.icloun.com icloun.com *.icloun.com *.mail.icloun.com *.uk.icloun.com

*.awsacademy.intstructure.com *.canvas.intstructure.com *.catalog.intstructure.com *.hostmaster.intstructure.com intstructure.com *.intstructure.com

*.ingalls.mypaymef.com mypaymef.com *.mypaymef.com *.unitupoint.mypaymef.com

philippinesmyth.site *.philippinesmyth.site *.ww25.philippinesmyth.site

*.random.uspsstam.com uspsstam.com *.uspsstam.com

*.1c41ee4e-7124-4aa6-83b1-d728f3b3c69a.yellowstonetvstore.com *.6c2c5683-81f8-4a59-841c-e3c83b2afd00.yellowstonetvstore.com *.83473126-bb4e-4add-902d-eb13807e30df.yellowstonetvstore.com *.analytic.yellowstonetvstore.com *.assets.yellowstonetvstore.com *.cloud.yellowstonetvstore.com *.sitemap.yellowstonetvstore.com *.sitemaps.yellowstonetvstore.com *.wildcard.yellowstonetvstore.com *.ww25.yellowstonetvstore.com *.www.yellowstonetvstore.com yellowstonetvstore.com *.yellowstonetvstore.com