SSL Certificate Analysis for apriamo.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=123goal-news.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 02, 2026

Valid Until

May 03, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4D:72:8C:9D:A4:4A:D6:3D:64:B1:30:6C:CF:2F:29:2A:41:D5:56:64:CD:44:CA:A3:B2:38:24:B2:63:03:E7:2B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

apriamo.com *.apriamo.com

Other domains in certificate

123goal-news.com *.123goal-news.com

12suquanonline.com *.12suquanonline.com

1800gift.com *.1800gift.com

51tv250201.top *.51tv250201.top

56985.agency *.56985.agency

6088u.cc *.6088u.cc

6wheno.shop *.6wheno.shop

79688aa.vip *.79688aa.vip

973862.top *.973862.top

aacia.com *.aacia.com

affittomonolocale.com *.affittomonolocale.com

assenteismo.com *.assenteismo.com

avmtechnology.com *.avmtechnology.com

aziendasoftware.com *.aziendasoftware.com

biblemissionbaptist.org *.biblemissionbaptist.org

bunkbedspedia.com *.bunkbedspedia.com

buprenorfina.com *.buprenorfina.com

bvrurh8.cyou *.bvrurh8.cyou

bytechdesign.com *.bytechdesign.com

cadorgroup.com *.cadorgroup.com

caianello.com *.caianello.com

calabriavacanze.com *.calabriavacanze.com

casoria.org *.casoria.org

cattolicipopolari.com *.cattolicipopolari.com

cisternati.com *.cisternati.com

civici.com *.civici.com

cologno.net *.cologno.net

corsimultimediali.com *.corsimultimediali.com

pom6hg2e.top *.pom6hg2e.top

pornvideostv.xyz *.pornvideostv.xyz

rins.net *.rins.net

rivista.com *.rivista.com

rse85.top *.rse85.top

santello.com *.santello.com

sarebbe.com *.sarebbe.com

serrungarina.com *.serrungarina.com

slotxo-sub.com *.slotxo-sub.com

smettila.com *.smettila.com

testsiegerprodukte.com *.testsiegerprodukte.com

theagenticcompany.com *.theagenticcompany.com

themegastar.com *.themegastar.com

tiseiconnesso.com *.tiseiconnesso.com

trovascarpe.com *.trovascarpe.com

ts911-sub.com *.ts911-sub.com