SSL Certificate Analysis for pescamundo.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=cabinet-warehouse.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 03, 2026

Valid Until

September 01, 2026 68 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

E1:FA:38:07:0C:CA:2F:BC:67:9C:7E:C5:50:8D:CD:F8:F2:76:A4:6A:2F:9D:E4:4D:DB:9C:A9:4B:0D:53:F3:E3

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

pescamundo.com *.pescamundo.com

Other domains in certificate

cabinet-warehouse.com *.cabinet-warehouse.com

capitalfusionis.com *.capitalfusionis.com

cb01net.com *.cb01net.com

htsyzz10.com *.htsyzz10.com

hubhee.net *.hubhee.net

icocode.com *.icocode.com

indiayz.click *.indiayz.click

itineraryintegrity.live *.itineraryintegrity.live

jjrrr.loan *.jjrrr.loan

jlrlc.my *.jlrlc.my

linyeuniversity.xyz *.linyeuniversity.xyz

progressivefitnessline.run *.progressivefitnessline.run

qjrip.my *.qjrip.my

ranchvanguard.live *.ranchvanguard.live

retrowin626.info *.retrowin626.info

ringabell.xyz *.ringabell.xyz

roadroyal.live *.roadroyal.live

robertslackrealty.com *.robertslackrealty.com

robotparcel.com *.robotparcel.com

rscqeitab.cc *.rscqeitab.cc

sauber24de.today *.sauber24de.today

sazqn.top *.sazqn.top

sbgtb.club *.sbgtb.club

sfvxx432.com *.sfvxx432.com

sgfeculturelab.com *.sgfeculturelab.com

sgfedontschool.com *.sgfedontschool.com

sgfefoundersexit.com *.sgfefoundersexit.com

sgfenewworkmodel.com *.sgfenewworkmodel.com

sgfepreparetoexit.com *.sgfepreparetoexit.com

sgferelearn.com *.sgferelearn.com

sgfethinkingforward.com *.sgfethinkingforward.com

sgqesr.cc *.sgqesr.cc

sgwfu.my *.sgwfu.my

sgztwc.cc *.sgztwc.cc

spr763r.top *.spr763r.top

structured.studio *.structured.studio

supeai.dev *.supeai.dev

tavuzy.pro *.tavuzy.pro

terrahub386.info *.terrahub386.info

the01.xyz *.the01.xyz

tkkhan.com *.tkkhan.com

wxiom.trade *.wxiom.trade

xn--py2b98co8gq8v.com *.xn--py2b98co8gq8v.com

zxiom.trade *.zxiom.trade