SSL Certificate Analysis for ganbarou.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=zoty2231.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 07, 2026

Valid Until

May 08, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

40:64:1B:55:04:7A:10:A3:E1:8F:CD:1E:4C:12:97:85:C4:C0:88:9E:B6:C5:7C:FB:3C:ED:42:6C:25:8B:07:AA

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

ganbarou.com *.ganbarou.com *.api.ganbarou.com *.dev.ganbarou.com *.mail.ganbarou.com *.test.ganbarou.com *.ww16.ganbarou.com *.ww25.ganbarou.com

Other domains in certificate

1600.in *.1600.in *.d.1600.in *.rapheleng.1600.in *.rs.1600.in

*.admin.aundre.com aundre.com *.aundre.com *.client.aundre.com *.community.aundre.com *.connectvpn.aundre.com *.demo.aundre.com *.finance.aundre.com *.gateway.aundre.com *.hostmaster.aundre.com *.ipe.aundre.com *.login.aundre.com *.m.aundre.com *.mkezimobile.aundre.com *.mobile.aundre.com *.office.aundre.com *.rustore.aundre.com *.secureaccess.aundre.com *.sitemap.aundre.com *.ssl.aundre.com *.staging.aundre.com *.test.aundre.com *.vpn.aundre.com *.vpn1.aundre.com *.vpn2.aundre.com *.web.aundre.com *.webconnect.aundre.com *.webvpn.aundre.com *.wtxgwsecureaccess.aundre.com *.ww17.aundre.com

barbender.com *.barbender.com *.m.barbender.com

bedquilts.com *.bedquilts.com

bpenews.com *.bpenews.com *.ww42.bpenews.com

*.bell-exist.cliplips.com cliplips.com *.cliplips.com *.imgp.cliplips.com *.m.cliplips.com *.www.cliplips.com

ylxww.com.cn *.ylxww.com.cn

gamedom.me *.gamedom.me *.guilherme997poster.gamedom.me *.poster.gamedom.me *.sfr.gamedom.me

*.hnna.ossil.com *.m.ossil.com ossil.com *.ossil.com *.vpn.ossil.com *.ww16.ossil.com *.ww17.ossil.com

*.demo.parkinganytime.com parkinganytime.com *.parkinganytime.com

roche.team *.roche.team *.systemsen.roche.team

vasrin.com *.vasrin.com

vks10.top *.vks10.top

xhyh83.com *.xhyh83.com

*.bbs.zeedonk.com *.dev.zeedonk.com *.kfp.zeedonk.com zeedonk.com *.zeedonk.com

zoty2231.com *.zoty2231.com