SSL Certificate Analysis for mobile.ranzai.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=85553366.cc

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 06, 2026

Valid Until

May 07, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

0E:E4:2A:34:10:A4:3C:CA:E0:06:56:F0:43:27:B0:A4:3E:4C:46:D6:94:A6:25:EF:87:E3:55:DC:89:C8:F6:CA

Alternative Names

88 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains

ranzai.com *.ranzai.com

Other domains in certificate

85553366.cc *.85553366.cc

asjogo.xyz *.asjogo.xyz

meetenduringventures.com *.meetenduringventures.com

play-quantum-terminal.xyz *.play-quantum-terminal.xyz

puke555.com *.puke555.com

qv0wuk.shop *.qv0wuk.shop

qwckfm.net *.qwckfm.net

qyc30.vip *.qyc30.vip

radiantadventure530.top *.radiantadventure530.top

raftlike.info *.raftlike.info

ramalanhoki.cam *.ramalanhoki.cam

ramalanhoki.skin *.ramalanhoki.skin

rd836q1.top *.rd836q1.top

realcitymap.com *.realcitymap.com

realcitymaps.com *.realcitymaps.com

rhagose.com *.rhagose.com

smu-acceptance-887292975.click *.smu-acceptance-887292975.click

svhwms.gdn *.svhwms.gdn

tonyhergon.com *.tonyhergon.com

travelopulenceawaits.xyz *.travelopulenceawaits.xyz

ugtmm.pro *.ugtmm.pro

uwpress.com *.uwpress.com

vilogabeauty.com *.vilogabeauty.com

wwwxy28.co *.wwwxy28.co

xcmwh.top *.xcmwh.top

xeaph.academy *.xeaph.academy

xecge.bid *.xecge.bid

xfilmywap.com *.xfilmywap.com

xhxtyjx.com *.xhxtyjx.com

xiangsheng77.com *.xiangsheng77.com

xiao863.top *.xiao863.top

xjs9999.com *.xjs9999.com

xn--8mrq03b.com *.xn--8mrq03b.com

xn--cd3a938ajma.com *.xn--cd3a938ajma.com

xn--gg-ic0g281c.com *.xn--gg-ic0g281c.com

xn--i8s951d49g.com *.xn--i8s951d49g.com

xn--lcyq2w.com *.xn--lcyq2w.com

xn--terceirizao-i8a5c.com *.xn--terceirizao-i8a5c.com

xn--xoq398ibqk.com *.xn--xoq398ibqk.com

xx24.xyz *.xx24.xyz

yhltm.me *.yhltm.me

yourgreattravel.com *.yourgreattravel.com

zsymdnrj.xyz *.zsymdnrj.xyz