SSL Certificate Analysis for perdun.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=spnakbang.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 04, 2026

Valid Until

May 05, 2026 79 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

86:68:B6:7F:1F:A1:28:A4:57:80:02:6E:4E:A5:B7:AA:59:08:ED:45:94:D3:73:74:EB:F2:B5:01:9C:65:B6:B7

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

perdun.com *.perdun.com *.anywhere.perdun.com *.apps.perdun.com *.cisapp.perdun.com *.sales.perdun.com *.xapp.perdun.com

Other domains in certificate

99yydstxt426.com *.99yydstxt426.com

*.8278.andtoid.com andtoid.com *.andtoid.com

*.api.blacklightrecon.com blacklightrecon.com *.blacklightrecon.com

chingenic.com *.chingenic.com *.hostmaster.chingenic.com

*.dev.entrepreneurial.com.au entrepreneurial.com.au *.entrepreneurial.com.au

*.com.gitlab.au gitlab.au *.gitlab.au *.is4171b.gitlab.au *.mpary2p62rcxz4o.gitlab.au *.roslinww.gitlab.au *.ww25.gitlab.au *.ww38.gitlab.au

*.cpanel.iplwinlogin.org iplwinlogin.org *.iplwinlogin.org

isingbeijing.org *.isingbeijing.org

loveleelove.com *.loveleelove.com

*.admin.meep.it meep.it *.meep.it *.reporting.meep.it

*.gateway.micklos.com micklos.com *.micklos.com

mmavc.cc *.mmavc.cc

*.hostmaster.narcomundo.com narcomundo.com *.narcomundo.com *.sitemaps.narcomundo.com *.uat.narcomundo.com *.www.narcomundo.com

pieroegypt.com *.pieroegypt.com *.ww25.pieroegypt.com

*.m.profirewood.com profirewood.com *.profirewood.com

repelis-hd.com *.repelis-hd.com

retaoposta.com *.retaoposta.com

*.remote.spanx.co spanx.co *.spanx.co *.ww25.spanx.co *.ww38.spanx.co

*.jp.spnakbang.com *.media.spnakbang.com *.random.spnakbang.com spnakbang.com *.spnakbang.com *.ww17.spnakbang.com *.ww25.spnakbang.com

surfingschool.com.au *.surfingschool.com.au

thegeberal.com *.thegeberal.com *.users.thegeberal.com *.ww25.thegeberal.com

uofs.ca *.uofs.ca

uuu7768.top *.uuu7768.top

*.art.widowed.net *.ex.widowed.net *.mail.widowed.net *.mx.widowed.net widowed.net *.widowed.net *.ww25.widowed.net