SSL Certificate Analysis for orio.live - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=orio.live

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 24, 2026

Valid Until

May 25, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4E:C8:80:7F:09:94:73:58:78:AE:B0:A3:19:6B:CA:31:43:BF:ED:2D:58:B1:41:0D:7B:41:31:9B:41:3F:63:A7

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

orio.live *.orio.live *.leser.orio.live

Other domains in certificate

*.0059vr.57u7gc.mom *.00y796.57u7gc.mom *.3exzcr.57u7gc.mom 57u7gc.mom *.57u7gc.mom *.9z3g9r.57u7gc.mom *.ac6pwf.57u7gc.mom *.aky2df.57u7gc.mom *.apsesx.57u7gc.mom *.ecc4sv.57u7gc.mom *.ed6e00.57u7gc.mom *.edarb1.57u7gc.mom *.f2jzjp.57u7gc.mom *.fuy1us.57u7gc.mom *.gkoh2w.57u7gc.mom *.gxut3a.57u7gc.mom *.hket5a.57u7gc.mom *.j3gt3j.57u7gc.mom *.lmjzgk.57u7gc.mom *.m96yeg.57u7gc.mom *.mhpoc1.57u7gc.mom *.ms98i6.57u7gc.mom *.qp1b8c.57u7gc.mom *.r2rjaq.57u7gc.mom *.r4aoqj.57u7gc.mom *.r4gyog.57u7gc.mom *.sdctbd.57u7gc.mom *.sh1en3.57u7gc.mom *.sn0ehx.57u7gc.mom *.snp8i6.57u7gc.mom *.sv5wk1.57u7gc.mom *.ww17.57u7gc.mom

al-maghreb.online *.al-maghreb.online *.imap.al-maghreb.online *.mail.al-maghreb.online

*.adlib.alzheimers.org *.alz.alzheimers.org alzheimers.org *.alzheimers.org *.blog.alzheimers.org *.brevard.alzheimers.org *.ku.alzheimers.org *.pwww.alzheimers.org *.smtp.alzheimers.org

*.api.bakulsosmed.online bakulsosmed.online *.bakulsosmed.online *.ww17.bakulsosmed.online

fgmpdav60i6y.store *.fgmpdav60i6y.store

*.comww25.fortbreak.com fortbreak.com *.fortbreak.com

*.assets.miri.cc *.blog.miri.cc miri.cc *.miri.cc *.www.miri.cc *.xx.miri.cc

portalegre.com *.portalegre.com

*.autodiscover.revistadialecticacomunicativa.com revistadialecticacomunicativa.com *.revistadialecticacomunicativa.com

*.admin.schoologyy.com schoologyy.com *.schoologyy.com

*.mail.sextre.com sextre.com *.sextre.com *.ww25.sextre.com *.www.sextre.com

*.admin.thecallofthebride.com *.api.thecallofthebride.com thecallofthebride.com *.thecallofthebride.com *.webmail.thecallofthebride.com

*.api.thelordgodjesuschristlovesme.com *.suporte.thelordgodjesuschristlovesme.com thelordgodjesuschristlovesme.com *.thelordgodjesuschristlovesme.com

*.store.timbersredmond.com timbersredmond.com *.timbersredmond.com *.ww25.timbersredmond.com