SSL Certificate Analysis for cloud.vodito.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=vodito.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 16, 2026

Valid Until

July 15, 2026 66 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

92:44:CE:AE:61:B2:B3:05:7D:AB:FB:15:66:A5:8E:68:1F:78:C4:D7:B2:12:88:31:29:26:4D:18:52:8D:09:74

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

vodito.com *.vodito.com *.desktop.vodito.com *.login.vodito.com *.rdg.vodito.com

Other domains in certificate

315017.xyz *.315017.xyz *.6.315017.xyz *.8.315017.xyz

alliwant.it *.alliwant.it *.criu.alliwant.it *.dashs.alliwant.it *.invitoprincipesse.alliwant.it *.mail.alliwant.it *.notexistsapi.alliwant.it *.notexistsavatar.alliwant.it *.poczta.alliwant.it *.status.alliwant.it *.temperatura.alliwant.it *.upload.alliwant.it *.webmail.alliwant.it

cgvyapam.com *.cgvyapam.com *.ww1.cgvyapam.com

*.admin.goldshoes.it *.app.goldshoes.it *.demo.goldshoes.it goldshoes.it *.goldshoes.it *.hostmaster.goldshoes.it

innokare.com.cn *.innokare.com.cn *.wap.innokare.com.cn

*.0fe46eea-21e4-4b54-8894-591b76755ead.nbashop34.shop *.5b19c2c2-46b5-48d5-a6a5-89893ec03eed.nbashop34.shop *.868147c1-bc71-4d2c-bb87-b7cd16238f09.nbashop34.shop *.a360877f-6643-4dbe-8f5d-469d1fee7bab.nbashop34.shop *.admin.nbashop34.shop *.api.nbashop34.shop *.app.nbashop34.shop *.assets.nbashop34.shop *.demo.nbashop34.shop *.dev.nbashop34.shop *.hostmaster.nbashop34.shop *.members.nbashop34.shop nbashop34.shop *.nbashop34.shop *.pagamento.nbashop34.shop *.shop.nbashop34.shop *.staging.nbashop34.shop *.test.nbashop34.shop

newsworld.media *.newsworld.media

*.00543f23-69eb-47ed-8f9b-8b879a4efd81.sawalambo.com *.admin.sawalambo.com *.qa.sawalambo.com sawalambo.com *.sawalambo.com

*.30f61f8d-e1b2-4973-ab42-4fd8ffba1bf7.sjgetclaf.blog sjgetclaf.blog *.sjgetclaf.blog *.www2.sjgetclaf.blog

swissbetgiris.biz *.swissbetgiris.biz

*.mail.tweety.fun tweety.fun *.tweety.fun

v75g.cyou *.v75g.cyou