SSL Certificate Analysis for gta.bio - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=protolitethailand.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 23, 2026

Valid Until

July 22, 2026 60 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F6:8A:7E:12:C5:54:B0:0E:7F:0E:FA:ED:6A:21:55:8D:8F:25:F6:65:3E:1C:C3:2E:75:9F:85:88:15:2F:23:75

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

gta.bio *.gta.bio *.xty.gta.bio *.xxy.gta.bio *.xyy.gta.bio

Other domains in certificate

4hu45.cn *.4hu45.cn *.cc.4hu45.cn *.co.4hu45.cn *.com.4hu45.cn *.icu.4hu45.cn *.la.4hu45.cn *.me.4hu45.cn *.moe.4hu45.cn *.pro.4hu45.cn *.se.4hu45.cn *.som.4hu45.cn *.tv.4hu45.cn *.vip.4hu45.cn *.xyz.4hu45.cn

atori.eu *.atori.eu *.comune.atori.eu *.smtp.atori.eu

balkrishna.com *.balkrishna.com *.comchaudhary.balkrishna.com *.wwww.balkrishna.com

cosmicaccountant.com *.cosmicaccountant.com *.pop.cosmicaccountant.com *.random.cosmicaccountant.com *.sitemap.cosmicaccountant.com *.sitemaps.cosmicaccountant.com

echeckoutenlist.com *.echeckoutenlist.com

empirestatepenshow.com *.empirestatepenshow.com

*.com.healthcarebdos.com healthcarebdos.com *.healthcarebdos.com

inatysco.com *.inatysco.com *.m.inatysco.com

joyinteractive.co.uk *.joyinteractive.co.uk

*.burtcom.oadrunner.com *.comune.oadrunner.com *.d.oadrunner.com *.mx.oadrunner.com oadrunner.com *.oadrunner.com *.orange.oadrunner.com *.r.oadrunner.com *.show.oadrunner.com *.work.oadrunner.com *.ww25.oadrunner.com *.ww38.oadrunner.com *.yahoo.oadrunner.com

*.dev.onemainfnancial.com *.hostmaster.onemainfnancial.com *.old.onemainfnancial.com onemainfnancial.com *.onemainfnancial.com *.www.onemainfnancial.com

protolitethailand.com *.protolitethailand.com

*.cpcalendars.resort-theking.com resort-theking.com *.resort-theking.com *.webdisk.resort-theking.com

*.m.xn--psu.com xn--psu.com *.xn--psu.com

*.3a629f7d-3df9-456d-be0d-40b009a44bf7.zcong.at *.5.zcong.at *.75177e65-cb87-4658-958b-c88c6c577c3b.zcong.at *.s1.zcong.at *.service.zcong.at *.vpn.zcong.at *.whm.zcong.at *.www1.zcong.at zcong.at *.zcong.at

*.app.zs5319.com *.media.zs5319.com *.vpn.zs5319.com *.www.zs5319.com zs5319.com *.zs5319.com