SSL Certificate Analysis for web.bento123a.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=elfares.live

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

May 28, 2026

Valid Until

August 26, 2026 73 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AD:7C:CF:D4:4B:41:86:8C:71:73:88:AC:A6:99:7E:00:8C:64:D6:E1:93:20:27:7D:91:BF:D5:ED:61:04:70:7B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bento123a.com *.bento123a.com *.api.bento123a.com *.app.bento123a.com *.backup.bento123a.com *.cgqqhmailer.bento123a.com *.dashboard.bento123a.com *.dev.bento123a.com *.mail.bento123a.com *.mailer.bento123a.com *.marketing.bento123a.com *.new.bento123a.com *.qa.bento123a.com *.secure.bento123a.com *.staging.bento123a.com *.stg.bento123a.com *.vpn.bento123a.com *.web.bento123a.com

Other domains in certificate

a1195.cc *.a1195.cc *.sitemap.a1195.cc *.www.a1195.cc

*.admin.after.pizza after.pizza *.after.pizza *.cream.after.pizza *.demo.after.pizza *.dev.after.pizza *.members.after.pizza *.poop.after.pizza *.smells.after.pizza *.test.after.pizza

*.axee.elfares.live *.cdn-1.elfares.live *.cdn-2.elfares.live *.cnn-news.elfares.live *.door.elfares.live *.drsh.elfares.live elfares.live *.elfares.live *.hd.elfares.live *.kor.elfares.live *.reuters-news.elfares.live *.staging.elfares.live

infogratis.it *.infogratis.it

*.1.lightroomadobe.com *.16.lightroomadobe.com lightroomadobe.com *.lightroomadobe.com *.ww1.lightroomadobe.com *.ww16.lightroomadobe.com *.ww25.lightroomadobe.com

*.depot-mince.listless.com *.entotic.listless.com listless.com *.listless.com *.mbps.listless.com *.navig.listless.com *.nolo.listless.com *.rack.listless.com *.repolane.listless.com *.tamul.listless.com *.unpin.listless.com *.vita.listless.com

*.13.re7.cc *.14.re7.cc *.m.re7.cc re7.cc *.re7.cc *.www.re7.cc

royalcashregisters.com *.royalcashregisters.com *.ww38.royalcashregisters.com

*.megamarket.ryantrahan.co *.ozon.ryantrahan.co ryantrahan.co *.ryantrahan.co

vijayelectronics.pro *.vijayelectronics.pro

visbrtooa.xyz *.visbrtooa.xyz

*.48.xn--2qux23c.com *.77.xn--2qux23c.com *.backend.xn--2qux23c.com *.dev.xn--2qux23c.com *.ip.xn--2qux23c.com xn--2qux23c.com *.xn--2qux23c.com *.xn--cet959k.xn--2qux23c.com