SSL Certificate Analysis for vantuong.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=wg556677.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 31, 2026

Valid Until

May 01, 2026 68 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2C:92:66:9F:81:AD:CD:BB:C2:FF:A2:49:C9:E8:5E:EC:41:B0:CD:09:EE:9C:06:83:FD:EC:44:68:70:CE:88:61

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

vantuong.com *.vantuong.com

Other domains in certificate

16841kingsbury.com *.16841kingsbury.com *.autoconfig.16841kingsbury.com *.backend.16841kingsbury.com *.cpanel.16841kingsbury.com *.cpcontacts.16841kingsbury.com *.ftp.16841kingsbury.com *.remote.16841kingsbury.com

bandis.co *.bandis.co *.ww38.bandis.co

bibrion.com *.bibrion.com *.trk.bibrion.com

*.access.drewbud.com.pl *.app1.drewbud.com.pl *.apps2.drewbud.com.pl *.auth2.drewbud.com.pl *.connect.drewbud.com.pl *.correo.drewbud.com.pl *.cpanel.drewbud.com.pl *.cpcalendars.drewbud.com.pl *.cpcontacts.drewbud.com.pl drewbud.com.pl *.drewbud.com.pl *.exchange.drewbud.com.pl *.ftp.drewbud.com.pl *.m.drewbud.com.pl *.office.drewbud.com.pl *.office1.drewbud.com.pl *.outlook.drewbud.com.pl *.remoteapp2.drewbud.com.pl *.remoteapps.drewbud.com.pl *.shop.drewbud.com.pl *.smtp.drewbud.com.pl *.start1.drewbud.com.pl *.test.drewbud.com.pl *.virtualaccess.drewbud.com.pl *.web.drewbud.com.pl *.webdisk.drewbud.com.pl *.webmail.drewbud.com.pl *.wp.drewbud.com.pl *.zimbra.drewbud.com.pl

fullstory.site *.fullstory.site *.fun.fullstory.site

liveeyeware.com *.liveeyeware.com *.old.liveeyeware.com *.wildcard.liveeyeware.com

*.discord.movies4discord.xyz movies4discord.xyz *.movies4discord.xyz *.nignx-useast.movies4discord.xyz *.old.movies4discord.xyz *.portainer.movies4discord.xyz *.random.movies4discord.xyz *.speedtest-us.movies4discord.xyz *.stream.movies4discord.xyz *.testing-stream.movies4discord.xyz *.us.movies4discord.xyz *.ww25.movies4discord.xyz

*.nude-the-new-slip-cover.oldouttool.info oldouttool.info *.oldouttool.info

*.backoffice.pashtomedia.com *.hostmaster.pashtomedia.com pashtomedia.com *.pashtomedia.com

tsujii.com *.tsujii.com

weddingsreflectionlove.beauty *.weddingsreflectionlove.beauty

westindianpeople.com *.westindianpeople.com

*.ildcard.wg556677.com wg556677.com *.wg556677.com *.wildcard.wg556677.com

xn--gez.com *.xn--gez.com

yarley.com *.yarley.com

zabaldu.com *.zabaldu.com

zhetang.com *.zhetang.com