SSL Certificate Analysis for pool.asalia.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=gameallo.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 08, 2026

Valid Until

September 06, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FD:29:96:CA:E1:3C:70:FD:9B:ED:F8:97:AE:0F:F8:CE:9A:02:11:F1:83:06:E5:CF:F7:AD:BD:53:06:03:22:6C

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

asalia.com *.asalia.com *.gutjqd26cy.asalia.com *.labs.asalia.com *.media.asalia.com *.nhac.asalia.com *.pool.asalia.com *.svn.asalia.com *.wildcard.asalia.com *.ww25.asalia.com

Other domains in certificate

882098v.my *.882098v.my *.www.882098v.my

ayurvedaherb.in *.ayurvedaherb.in *.m.ayurvedaherb.in

*.api.courtera.com courtera.com *.courtera.com *.nextcloud.courtera.com

dollar-lion.info *.dollar-lion.info

flarescope-mote.rest *.flarescope-mote.rest *.phjxkk.flarescope-mote.rest

gameallo.com *.gameallo.com *.mail.gameallo.com *.webmail.gameallo.com *.www.gameallo.com

gauryamunacity.info *.gauryamunacity.info

gjyrehz400.vip *.gjyrehz400.vip

gmtdv.qpon *.gmtdv.qpon

*.autodiscover.gymrow.com *.cms.gymrow.com gymrow.com *.gymrow.com *.mx.gymrow.com *.nextcloud.gymrow.com *.webdisk.gymrow.com *.wildcard.gymrow.com

heyelitercs.com *.heyelitercs.com

heyelitercsai.com *.heyelitercsai.com

hospitalguide.com.au *.hospitalguide.com.au *.www.hospitalguide.com.au

htmlang.com *.htmlang.com

*.autodiscover.idefendva.com idefendva.com *.idefendva.com *.ww25.idefendva.com

*.client.jdgs.org *.connectvpn.jdgs.org *.hostmaster.jdgs.org jdgs.org *.jdgs.org *.login.jdgs.org *.mobile.jdgs.org *.office.jdgs.org *.secureaccess.jdgs.org *.ssl.jdgs.org *.vpn.jdgs.org *.vpn1.jdgs.org *.vpn2.jdgs.org *.web.jdgs.org *.webconnect.jdgs.org *.webvpn.jdgs.org *.wildcard.jdgs.org

*.insight.nftdeb.art nftdeb.art *.nftdeb.art *.sitemap.nftdeb.art

pola77.top *.pola77.top

*.mx.shopcloud.co shopcloud.co *.shopcloud.co *.www.shopcloud.co

*.cloud.xn--us1a92x.com *.m.xn--us1a92x.com *.rds.xn--us1a92x.com xn--us1a92x.com *.xn--us1a92x.com