SSL Certificate Analysis for taobao.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.taobao.com

Issuer

C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024

Valid From

May 07, 2025

Valid Until

June 08, 2026 198 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

37:A2:B7:0E:AE:7D:63:3E:2D:5D:6B:D7:B7:F0:D4:44:C5:9C:81:1F:C5:BE:9C:2C:67:58:61:FB:27:89:A5:40

Alternative Names

357 domains

Security Configuration

TLS Protocols

TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

Warnings

• TLS 1.1 is deprecated and should be disabled
• TLS 1.0 is deprecated and should be disabled

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

357 domains

taobao.com *.taobao.com *.110.taobao.com *.2.taobao.com *.3hours.taobao.com *.admin.taobao.com *.adminconsole.taobao.com *.ads.taobao.com *.advgateway.taobao.com *.aftool.taobao.com *.ag.taobao.com *.ai.taobao.com *.air-inner.taobao.com *.airec.taobao.com *.aistore.taobao.com *.ajax.taobao.com *.alibeebot.taobao.com *.alicom.taobao.com *.alidesign.taobao.com *.alidetail.taobao.com *.alihealth.taobao.com *.alijk.taobao.com *.alime.taobao.com *.alimebot.taobao.com *.aliqin.taobao.com *.alisp-openadmin.taobao.com *.alisports.taobao.com *.alsc.taobao.com *.alscad.taobao.com *.amp.taobao.com *.analysis.taobao.com *.api.taobao.com *.apitest.taobao.com *.app.taobao.com *.astore-alsc-l100crm.taobao.com *.astore-alsc.taobao.com *.astore-multitenant.taobao.com *.badcase-es-old.taobao.com *.baichuan.taobao.com *.baoxian.taobao.com *.bbs.taobao.com *.bcctg.taobao.com *.bcfeedback.taobao.com *.bot.taobao.com *.brand.taobao.com *.branding.taobao.com *.browser.taobao.com *.buildsite.taobao.com *.caipiao.taobao.com *.cbbs.taobao.com *.cdn.taobao.com *.china.taobao.com *.chuangyi.taobao.com *.click.taobao.com *.cloud.taobao.com *.config.taobao.com *.console.taobao.com *.content.taobao.com *.corp.taobao.com *.cps.taobao.com *.crm-daxue.taobao.com *.crm.taobao.com *.cro.taobao.com *.ct-proxy.taobao.com *.cun.taobao.com *.darenmcn.taobao.com *.daxue.taobao.com *.dc.taobao.com *.dchain-api-proxy.taobao.com *.dchain.taobao.com *.dd.taobao.com *.debug.taobao.com *.design.taobao.com *.detail.taobao.com *.dev1.taobao.com *.developers.taobao.com *.deviceplat.taobao.com *.di.taobao.com *.dian.taobao.com *.dianshi.taobao.com *.dianxiaomi.taobao.com *.dianying.taobao.com *.dmp.taobao.com *.dongfeng.taobao.com *.ds.taobao.com *.dsc.taobao.com *.einvoice.taobao.com *.elm.taobao.com *.ershou.taobao.com *.faasonasi.taobao.com *.farming.taobao.com *.fc.taobao.com *.fengchao.taobao.com *.fenxiao.taobao.com *.fliggy.taobao.com *.fngroup.taobao.com *.fuwu.taobao.com *.fuwuwebapp.taobao.com *.game.taobao.com *.gds.taobao.com *.global.taobao.com *.gongyi.taobao.com *.goofishsolution.taobao.com *.gpu.taobao.com *.guanghe.taobao.com *.haoxue.taobao.com *.havana.taobao.com *.hellobixi.taobao.com *.hi.taobao.com *.homeai.taobao.com *.homelab.taobao.com *.homestyler.taobao.com *.hot.taobao.com *.huyan.taobao.com *.i56.taobao.com *.idestudio.taobao.com *.im.taobao.com *.image.taobao.com *.imdd.taobao.com *.intl.taobao.com *.ipfans.taobao.com *.istore.taobao.com *.item.taobao.com *.izhongchou.taobao.com *.jianghu.taobao.com *.jiangshi.taobao.com *.ju.taobao.com *.juadmin.taobao.com *.julang.taobao.com *.lazada.taobao.com *.lbs.taobao.com *.life.taobao.com *.lingshou.taobao.com *.linking-test.taobao.com *.litetao.taobao.com *.livec.taobao.com *.livex.taobao.com *.log.taobao.com *.luban.taobao.com *.lz.taobao.com *.m.taobao.com *.m1.taobao.com *.m2.taobao.com *.m3.taobao.com *.ma.taobao.com *.manager.taobao.com *.marketingbox.taobao.com *.mcache.taobao.com *.media.taobao.com *.merchant.taobao.com *.meta-search.taobao.com *.meteor.taobao.com *.miaojie.taobao.com *.microapp-dmp.taobao.com *.miniapp.taobao.com *.mkt.taobao.com *.mktadapter.taobao.com *.ml.taobao.com *.moqie.taobao.com *.morse.taobao.com *.movie.taobao.com *.mpop.taobao.com *.mtdata.taobao.com *.mtop.taobao.com *.mts.taobao.com *.need.taobao.com *.newgateway.taobao.com *.nextbi.taobao.com *.now.taobao.com *.ny.taobao.com *.o2o.taobao.com *.olap.taobao.com *.olympic.taobao.com *.onepub.taobao.com *.onetake.taobao.com *.online.taobao.com *.open.taobao.com *.operate.taobao.com *.oto.taobao.com *.oversea.taobao.com *.ow.taobao.com *.page.taobao.com *.paimai.taobao.com *.pan.taobao.com *.passport.taobao.com *.pay.taobao.com *.pbx.taobao.com *.pinpai.taobao.com *.pmcrm.taobao.com *.pmsaas.taobao.com *.polaris.taobao.com *.prada.taobao.com *.pre-air-er.taobao.com *.pre-dchain-api-proxy.taobao.com *.pre-haoxue.taobao.com *.pre-imdd.taobao.com *.pre-microapp-dmp.taobao.com *.pre-repo1-git-jae.taobao.com *.pre-sale.taobao.com *.pre-tcgw.taobao.com *.pre1-sale.taobao.com *.pre2-sale.taobao.com *.pre3-sale.taobao.com *.pre4-sale.taobao.com *.prealihealth.taobao.com *.prepub.taobao.com *.progress-center.taobao.com *.proxy.taobao.com *.publish.taobao.com *.qc.taobao.com *.qianniu.taobao.com *.rate.taobao.com *.re.taobao.com *.robot.taobao.com *.rta.taobao.com *.rule.taobao.com *.s.taobao.com *.saas.taobao.com *.sale.taobao.com *.scm.taobao.com *.search.taobao.com *.sec.taobao.com *.secondlife.taobao.com *.seller.taobao.com *.sellercenter.taobao.com *.service.taobao.com *.settle.taobao.com *.sh.taobao.com *.shell.taobao.com *.shop.taobao.com *.shopsearch.taobao.com *.shuyuan.taobao.com *.simba.taobao.com *.site.taobao.com *.smartdata.taobao.com *.solar.taobao.com *.sopapi.taobao.com *.speech.taobao.com *.stadium.taobao.com *.survey.taobao.com *.sycm-ct.taobao.com *.sycm.taobao.com *.sz.taobao.com *.t.taobao.com *.tae.taobao.com *.taobao.taobao.com *.taobaolive.taobao.com *.taodetail.taobao.com *.taojinbi.taobao.com *.taolive-cp.taobao.com *.taoshehui.taobao.com *.taotv.taobao.com *.taowoyao.taobao.com *.taoxiaopu.taobao.com *.tcgw.taobao.com *.tejia.taobao.com *.temai.taobao.com *.test.taobao.com *.tf.taobao.com *.tgc.taobao.com *.themis.taobao.com *.timesheet.taobao.com *.tjb-sycm.taobao.com *.tjb.taobao.com *.tjseller.taobao.com *.tmall.taobao.com *.train.taobao.com *.trip.taobao.com *.try.taobao.com *.tv.taobao.com *.tw.taobao.com *.txd.taobao.com *.uland.taobao.com *.ump.taobao.com *.unidesk.taobao.com *.upload.taobao.com *.ut.taobao.com *.uz.taobao.com *.video.taobao.com *.view.taobao.com *.vip.taobao.com *.virtual.taobao.com *.virtualbuy.taobao.com *.wangpu.taobao.com *.wangwang.taobao.com *.wangxin.taobao.com *.wapa.taobao.com *.waptest.taobao.com *.we.taobao.com *.webappp.taobao.com *.work.taobao.com *.world.taobao.com *.wow-share.taobao.com *.ws-nextbi.taobao.com *.wt.taobao.com *.wuliu.taobao.com *.ww.taobao.com *.x-space.taobao.com *.xconsultant-gateway.taobao.com *.xiangqing.taobao.com *.xp.taobao.com *.xreplay-service.taobao.com *.xue.taobao.com *.yingxiao.taobao.com *.youku.taobao.com *.yueke.taobao.com *.yulebao.taobao.com *.yun.taobao.com *.yunditan.taobao.com *.yunos-tv.taobao.com *.zb.taobao.com *.zhichui.taobao.com *.zizhanghao.taobao.com *.zuanshi.taobao.com api.ent.taobao.com gsp.mystg.taobao.com pac.partner.taobao.com pre-cambridge.decoration.taobao.com pre-i.i.taobao.com pre-showcase.display.taobao.com pre-unszyun.api-xspace.taobao.com showcase.display.taobao.com tmatch.simba2.taobao.com trace.cps.taobao.com ugc.pre.taobao.com unszyun.api-xspace.taobao.com *.admin.dataserver.taobao.com *.api.m.taobao.com *.auks.m.taobao.com *.cms.m.taobao.com *.gateway.simba.taobao.com *.global.i56.taobao.com *.hjhttpgw.pay.taobao.com *.settle.simba.taobao.com *.sycm.sycm.taobao.com *.taobao.comunity-sign-front-static.taobao.com *.trade.tw.taobao.com click.mz.simba.taobao.com click.tz.simba.taobao.com s.ijipiao.trip.taobao.com s.jipiao.trip.taobao.com

Other domains in certificate

taobao.cn

*.alimebot.taobao.tw *.bops.taobao.tw *.click.taobao.tw *.prepub.taobao.tw *.sellercenter-staging.taobao.tw *.sellercenter.taobao.tw taobao.tw *.taobao.tw *.wapa.taobao.tw

taobao.wang

taopiaopiao.com *.taopiaopiao.com

*.cloud.tmall.com

xiami.com *.xiami.com