SSL Certificate Analysis for test.h68.fun - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=gcalliance.io

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 17, 2026

Valid Until

July 16, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

CC:F3:36:80:07:58:EF:FF:87:D7:A7:C1:19:45:0B:22:4E:74:48:A8:FB:DA:57:14:71:13:4E:36:CD:0D:1A:91

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

h68.fun *.h68.fun *.05b29840-b515-4704-96da-4e3dabfb9b0d.h68.fun *.1a.h68.fun *.1b.h68.fun *.1e.h68.fun *.1f.h68.fun *.1h.h68.fun *.1i.h68.fun *.1j.h68.fun *.1l.h68.fun *.1m.h68.fun *.61bde624-80c8-4d13-999d-0e1b16cc0001.h68.fun *.admin.h68.fun *.assets.h68.fun *.demo.h68.fun *.dev.h68.fun *.ebaf6e25-1392-44c7-a5a5-42ccc8bf4b0d.h68.fun *.hostmaster.h68.fun *.members.h68.fun *.pterodactyl.h68.fun *.shop.h68.fun *.test.h68.fun *.wap.h68.fun

Other domains in certificate

australiansportawards.com.au *.australiansportawards.com.au

*.admin.boohooman.net *.auth.boohooman.net *.authsmtp.boohooman.net boohooman.net *.boohooman.net *.imap.boohooman.net *.mailgate.boohooman.net *.mx1.boohooman.net *.myoffice.boohooman.net *.random.boohooman.net *.relay.boohooman.net *.service.boohooman.net *.ww25.boohooman.net

comparesons.org *.comparesons.org *.hostmaster.comparesons.org

*.082282485406.dana.au *.au.dana.au dana.au *.dana.au *.gizi.dana.au *.sketer.dana.au *.ww38.dana.au

*.app.didelity.com didelity.com *.didelity.com *.esgpro.didelity.com

donutworld.com *.donutworld.com *.mail.donutworld.com *.random.donutworld.com *.www.donutworld.com

*.furniturefinwww.gameboyz.com *.futbolwww.gameboyz.com gameboyz.com *.gameboyz.com *.gawww.gameboyz.com *.ww25.gameboyz.com

gcalliance.io *.gcalliance.io *.ns1.gcalliance.io

*.design.merkur-fh.org *.eng.merkur-fh.org *.ffffffffffff.merkur-fh.org merkur-fh.org *.merkur-fh.org *.ww25.merkur-fh.org *.ww38.merkur-fh.org *.www.merkur-fh.org *.zx.merkur-fh.org

*.ar.nmk.me *.mail.nmk.me nmk.me *.nmk.me

tweakers.au *.tweakers.au

*.radio.vidovdan.com vidovdan.com *.vidovdan.com *.www.vidovdan.com

*.gdasr36.wtq04lqjdbpz3eahxd19.com wtq04lqjdbpz3eahxd19.com *.wtq04lqjdbpz3eahxd19.com *.ww25.wtq04lqjdbpz3eahxd19.com