SSL Certificate Analysis for api.renkoprop.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=mogamasuk.site

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 21, 2026

Valid Until

April 21, 2026 68 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

76:03:FA:C7:DE:B7:A3:A9:14:1C:64:E8:3C:0C:84:B8:8F:B1:75:1C:32:0D:95:B9:C5:B6:73:B5:AC:83:8E:A5

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

renkoprop.com *.renkoprop.com *.api.renkoprop.com *.cursos.renkoprop.com *.ead.renkoprop.com

Other domains in certificate

adochub.com *.adochub.com *.apacheaven.adochub.com *.apacheesos.adochub.com *.apachegnite.adochub.com *.apacherill.adochub.com *.boto3.adochub.com *.cmake.adochub.com *.cordova.adochub.com *.dapr.adochub.com *.dbeaver.adochub.com *.electronjs.adochub.com *.fishshell.adochub.com *.geeksforgeeks.adochub.com *.grpc.adochub.com *.harbor.adochub.com *.kotlinlang.adochub.com *.kubernetes.adochub.com *.microsoft.adochub.com *.mozilla.adochub.com *.openpolicyagent.adochub.com *.poweri.adochub.com *.rancher.adochub.com *.reactnative.adochub.com *.redis.adochub.com *.rustlang.adochub.com *.scikitlearn.adochub.com *.spotify.adochub.com *.tailwindcss.adochub.com *.vmware.adochub.com *.wireshark.adochub.com *.ziglang.adochub.com

adsgroup.top *.adsgroup.top *.ww25.adsgroup.top

carribeancinemas.com *.carribeancinemas.com *.ci.carribeancinemas.com *.jenkins.carribeancinemas.com *.pipeline.carribeancinemas.com *.wiki.carribeancinemas.com

chnewsjp04.site *.chnewsjp04.site *.ww25.chnewsjp04.site

digitalmelbourne.com.au *.digitalmelbourne.com.au

emergencyplumbingservice.com.au *.emergencyplumbingservice.com.au

*.alumni.enseceurope.org enseceurope.org *.enseceurope.org *.ysxy.enseceurope.org

finejewlers.com *.finejewlers.com

geckofinance.com.au *.geckofinance.com.au

mogamasuk.site *.mogamasuk.site *.www.mogamasuk.site

*.cloud.plasmadrum.com plasmadrum.com *.plasmadrum.com *.random.plasmadrum.com

pumkinshop.com *.pumkinshop.com *.santander.pumkinshop.com

*.forum.scryptminingrentals.com scryptminingrentals.com *.scryptminingrentals.com *.stage.scryptminingrentals.com

tukangkomik.co *.tukangkomik.co

*.mx.voyeurseb.com *.random.voyeurseb.com voyeurseb.com *.voyeurseb.com *.ww25.voyeurseb.com

*.ns2.watsmenu.com.br *.ns3.watsmenu.com.br watsmenu.com.br *.watsmenu.com.br *.ww16.watsmenu.com.br

ziemiahajnowska.pl *.ziemiahajnowska.pl