SSL Certificate Analysis for pg.fourth.life - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=listdepo.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 16, 2026

Valid Until

April 16, 2026 64 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

8D:84:C1:48:AF:5C:94:6B:39:2E:19:7A:35:5E:FD:0D:D3:B8:1E:D0:08:AB:89:9B:39:A0:2D:94:F9:93:C5:D4

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

fourth.life *.fourth.life *.development.fourth.life *.pg.fourth.life

Other domains in certificate

allensfordcaravanpark.com *.allensfordcaravanpark.com *.ww25.allensfordcaravanpark.com *.ww38.allensfordcaravanpark.com

aqui.store *.aqui.store

busker.ca *.busker.ca *.wildcard.busker.ca *.xn--ww43-976a.busker.ca

exitleadingedgerealty.com *.exitleadingedgerealty.com *.larry.exitleadingedgerealty.com

*.bitrix.heless.click heless.click *.heless.click *.sitemaps.heless.click

interamericanuniversity.us *.interamericanuniversity.us

lawyeroregon.net *.lawyeroregon.net

*.biz.listdepo.com *.co.listdepo.com *.com.listdepo.com listdepo.com *.listdepo.com

*.hkpools.livedraw.pw livedraw.pw *.livedraw.pw

*.377a6ae8-b45c-4dcf-ab84-8fe1b2f93818.myexnude.com *.38.myexnude.com *.admin.myexnude.com *.api.myexnude.com *.app.myexnude.com *.backup.myexnude.com *.bbs.myexnude.com *.beta.myexnude.com *.blog.myexnude.com *.crm.myexnude.com *.dev.myexnude.com *.forum.myexnude.com *.forums.myexnude.com *.help.myexnude.com *.laravel.myexnude.com *.m.myexnude.com *.mail.myexnude.com *.mobile.myexnude.com myexnude.com *.myexnude.com *.new.myexnude.com *.news.myexnude.com *.notexistsww25.myexnude.com *.old.myexnude.com *.remote.myexnude.com *.s3.myexnude.com *.smtp.myexnude.com *.store.myexnude.com *.temp.myexnude.com *.test.myexnude.com *.vpn.myexnude.com *.wap.myexnude.com *.web.myexnude.com *.webmail.myexnude.com *.wiki.myexnude.com *.ww25.myexnude.com *.ww38.myexnude.com *.www.myexnude.com

*.80b42e72-ed54-4160-9679-5a9569dabae0.ooakgroup.io ooakgroup.io *.ooakgroup.io *.webdisk.ooakgroup.io

securelink85.com *.securelink85.com *.track.securelink85.com *.ww38.securelink85.com

shopnosports.com *.shopnosports.com *.wwww.shopnosports.com

*.beta.sinidulu14.click sinidulu14.click *.sinidulu14.click *.ww38.sinidulu14.click

*.m.spoturtrain.info spoturtrain.info *.spoturtrain.info *.www.spoturtrain.info