SSL Certificate Analysis for mbuli.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=lymwep.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 07, 2026

Valid Until

May 08, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7C:53:F9:01:ED:EB:33:07:C6:21:DA:86:42:54:98:C8:F2:94:B2:5E:DF:D7:F1:50:E7:41:A3:2C:9A:79:79:36

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

mbuli.com *.mbuli.com *.backup.mbuli.com *.dev.mbuli.com *.hostmaster.mbuli.com *.test.mbuli.com *.vlyu.mbuli.com *.ww1.mbuli.com *.ww38.mbuli.com

Other domains in certificate

*.24.458aa.com 458aa.com *.458aa.com *.ccwww.458aa.com *.www.458aa.com *.yyy.458aa.com

6666023zz3.shop *.6666023zz3.shop *.com.6666023zz3.shop

aduna.it *.aduna.it *.visual.aduna.it

bila.it *.bila.it *.remote.bila.it

bpbjprovlampung.org *.bpbjprovlampung.org *.ftp.bpbjprovlampung.org *.mail.bpbjprovlampung.org

*.asian.camwhores.xyz camwhores.xyz *.camwhores.xyz *.kaki.camwhores.xyz *.ww01.camwhores.xyz

drjosesalazar.co *.drjosesalazar.co

*.blog.eosalliance.org eosalliance.org *.eosalliance.org

gameforgaming.com *.gameforgaming.com

*.6af2b7af-d9c3-4853-ba6a-df14dd568625.hinime.tv hinime.tv *.hinime.tv *.ww16.hinime.tv *.ww25.hinime.tv *.ww38.hinime.tv *.ww43.hinime.tv *.wwww.hinime.tv

*.hostmaster.lkdomains.com lkdomains.com *.lkdomains.com *.ww1.lkdomains.com

lymwep.com *.lymwep.com

*.b4b01.mbluvdh.com *.h442z4.mbluvdh.com *.h44sz3.mbluvdh.com *.h44tz3.mbluvdh.com *.h44uz3.mbluvdh.com *.h44vz1.mbluvdh.com *.h44vz2.mbluvdh.com *.h454z2.mbluvdh.com *.h45822.mbluvdh.com *.h458z2.mbluvdh.com *.h45bz4.mbluvdh.com *.h45cz2.mbluvdh.com *.h45qz4.mbluvdh.com *.h46yz1.mbluvdh.com *.h47xz2.mbluvdh.com *.h485z2.mbluvdh.com *.h48qz5.mbluvdh.com *.m.mbluvdh.com mbluvdh.com *.mbluvdh.com

mehroz.com *.mehroz.com

*.nkc-ps-dev.nkcshools.org nkcshools.org *.nkcshools.org

*.reporting.schettino.com schettino.com *.schettino.com

swagdral.me *.swagdral.me

weddingsansar.com *.weddingsansar.com

*.m.xn--chapec-gxa.org *.ww1.xn--chapec-gxa.org xn--chapec-gxa.org *.xn--chapec-gxa.org