SSL Certificate Analysis for data.esp.bio - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=emprendimeintodigital.co

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 19, 2026

Valid Until

August 17, 2026 65 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B7:85:73:8D:B6:29:5C:93:B8:19:73:3C:A2:92:D9:87:5B:1D:18:A4:8E:4D:7E:C6:07:43:AB:4D:9D:E9:C0:19

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

esp.bio *.esp.bio *.data.esp.bio

Other domains in certificate

1xbet-inf.top *.1xbet-inf.top

2playergame.co *.2playergame.co

2zz.my *.2zz.my

3-6-9watch.com *.3-6-9watch.com

30086.my *.30086.my

30467.one *.30467.one

58366.one *.58366.one

59210.co *.59210.co

59518.qpon *.59518.qpon

91cn.fun *.91cn.fun

aaflight.co *.aaflight.co

ajbowles.co *.ajbowles.co

akashp.co *.akashp.co

aplcef.org *.aplcef.org

badgermutual.co *.badgermutual.co

beauchemin.com *.beauchemin.com

biqugege.cc *.biqugege.cc

dashfirelay.info *.dashfirelay.info

digitalmining.co *.digitalmining.co

discgolfnetwork.co *.discgolfnetwork.co

emprendimeintodigital.co *.emprendimeintodigital.co

eslanlabs.co *.eslanlabs.co

flippercleaner.co *.flippercleaner.co

intihal.com *.intihal.com

jane.au *.jane.au

jjp.ag *.jjp.ag

jorlunivex.sbs *.jorlunivex.sbs

journeyexpertise.live *.journeyexpertise.live

pestie.co *.pestie.co

*.autoconfig.portailspirituel.com *.c7416c36-49a3-4eeb-90ad-2a0c8c9db343.portailspirituel.com *.cpanel.portailspirituel.com *.mail.portailspirituel.com *.mlal4k.portailspirituel.com *.portailholistique.portailspirituel.com portailspirituel.com *.portailspirituel.com *.t6glnq.portailspirituel.com

pusat4d.bet *.pusat4d.bet

senr-jobs-9c1o7d0c7t8.sbs *.senr-jobs-9c1o7d0c7t8.sbs

sflic.co *.sflic.co

silkandsand.co *.silkandsand.co

snipershide.co *.snipershide.co

travel-booking-pl-9072.sbs *.travel-booking-pl-9072.sbs

travelprovantage.live *.travelprovantage.live

trystagency.co *.trystagency.co

videotouch88.info *.videotouch88.info

yes4444.cn *.yes4444.cn