SSL Certificate Analysis for admin.vesponi.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=vesponi.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 21, 2026

Valid Until

August 19, 2026 67 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

06:FB:41:56:45:5F:B5:06:18:B9:8B:C8:DF:1C:8A:40:94:F3:77:E4:AF:44:3B:90:DF:79:6C:4A:2B:6D:E4:82

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

vesponi.com *.vesponi.com *.admin.vesponi.com *.backend.vesponi.com *.chart.vesponi.com *.demo.vesponi.com *.gd.vesponi.com *.staging.vesponi.com

Other domains in certificate

32687.my *.32687.my

32712.my *.32712.my

32931.loan *.32931.loan

32982.my *.32982.my

32kk.us *.32kk.us

33009.blog *.33009.blog

33102.loan *.33102.loan

33200.my *.33200.my

332211rr.cc *.332211rr.cc

a278jwm.top *.a278jwm.top *.abc.a278jwm.top *.mddci.a278jwm.top

*.50ee2c20-20dd-4909-828a-b57ee79d4844.izmi.be *.alt.izmi.be *.app.izmi.be *.asante.izmi.be *.atf.izmi.be *.aws.izmi.be *.bbs.izmi.be *.bd742954-7af9-4404-953d-c6aac996a1c1.izmi.be *.bfed2c8d-ee18-436a-8238-ad4b54a17e35.izmi.be *.blogs.izmi.be *.bmail.izmi.be *.cloudapp.izmi.be *.cube.izmi.be *.demo2.izmi.be *.devel.izmi.be *.feeds.izmi.be *.id.izmi.be *.int.izmi.be izmi.be *.izmi.be *.labs.izmi.be *.marketplace.izmi.be *.mx1.izmi.be *.newsite.izmi.be *.pve.izmi.be *.rds.izmi.be *.seo.izmi.be *.sitemap.izmi.be *.sitemaps.izmi.be *.staging-api.izmi.be *.sv.izmi.be *.sync.izmi.be *.taxi.izmi.be *.the-clan.izmi.be *.tp.izmi.be *.uki.izmi.be *.upload.izmi.be *.ww.izmi.be *.www.izmi.be *.yalnizim.izmi.be *.za.izmi.be

*.hiro.ozawa.com *.mari.ozawa.com *.maria.ozawa.com ozawa.com *.ozawa.com *.vanessa.ozawa.com *.ww38.ozawa.com *.xnxxmaria.ozawa.com *.xxx.ozawa.com

*.cpcontacts.xerox-xms.com *.landings.xerox-xms.com *.random.xerox-xms.com xerox-xms.com *.xerox-xms.com *.xmsatl3.xerox-xms.com

*.hostmaster.xn--yk3b.com xn--yk3b.com *.xn--yk3b.com