SSL Certificate Analysis for pool.asyrology.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=gorillacakeog.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 09, 2026

Valid Until

July 08, 2026 58 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

32:37:9D:D2:CA:42:90:80:F3:71:53:73:79:49:CD:E2:C2:C2:1A:64:C6:78:FA:EE:B2:E8:07:9B:EE:0E:2C:F4

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

asyrology.com *.asyrology.com *.comune.asyrology.com *.journal.asyrology.com *.mail.asyrology.com *.mail02.asyrology.com *.mobil.asyrology.com *.net.asyrology.com *.pool.asyrology.com *.random.asyrology.com *.zimbra.asyrology.com

Other domains in certificate

bicyclingpla.net *.bicyclingpla.net

ecehispanic.org *.ecehispanic.org *.igsky.ecehispanic.org *.www.ecehispanic.org

exppedia.com *.exppedia.com *.ww25.exppedia.com *.ww38.exppedia.com

firstclasstour.net *.firstclasstour.net *.ww1.firstclasstour.net *.ww41.firstclasstour.net

flymkh.com *.flymkh.com *.mail.flymkh.com *.www.flymkh.com

*.alt.fragrances.com *.ampholia.fragrances.com *.beckham.fragrances.com *.boss.fragrances.com *.echowhiff.fragrances.com fragrances.com *.fragrances.com *.harlem.fragrances.com *.j.fragrances.com *.laguera.fragrances.com *.origen.fragrances.com *.royaldunes.fragrances.com

*.7eb1f812-815e-43c9-9c78-344c7b7de251.gorillacakeog.com *.auxnaout.gorillacakeog.com *.cdn.gorillacakeog.com *.correu.gorillacakeog.com gorillacakeog.com *.gorillacakeog.com *.qgvmpapi.gorillacakeog.com *.static.gorillacakeog.com *.www.gorillacakeog.com

hga.au *.hga.au *.ww25.hga.au

*.assets.inboxdeliverability.co inboxdeliverability.co *.inboxdeliverability.co *.test.inboxdeliverability.co

kap.xyz *.kap.xyz *.login.kap.xyz *.ww25.kap.xyz

mexicanweed.com *.mexicanweed.com *.ww25.mexicanweed.com *.ww38.mexicanweed.com

*.mail.michelinofish.it michelinofish.it *.michelinofish.it *.mx.michelinofish.it *.random.michelinofish.it *.ww25.michelinofish.it *.www.michelinofish.it

offertunity.co *.offertunity.co *.ww25.offertunity.co

shipts.com *.shipts.com *.stats.shipts.com

travelpayots.com *.travelpayots.com *.ww17.travelpayots.com *.ww25.travelpayots.com

*.random.webprotecao.com *.sinistro.webprotecao.com webprotecao.com *.webprotecao.com *.ww1.webprotecao.com

*.mx2.xxxgirls.xyz xxxgirls.xyz *.xxxgirls.xyz