SSL Certificate Analysis for pse.adetayo.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=igrejamormon.org

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 31, 2026

Valid Until

May 01, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

BB:E4:EB:42:C8:D6:19:DA:39:2D:36:78:27:12:06:36:D1:49:8A:C0:5F:E5:10:96:AC:4E:87:48:B3:3F:AC:BF

Alternative Names

88 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains

adetayo.com *.adetayo.com *.apisdk.adetayo.com *.cp.adetayo.com

Other domains in certificate

*.api.comforteza.com comforteza.com *.comforteza.com *.ftp.comforteza.com *.skydrive.comforteza.com *.webmail.comforteza.com

*.cr.igrejamormon.org *.hu.igrejamormon.org igrejamormon.org *.igrejamormon.org *.mk.igrejamormon.org *.na.igrejamormon.org *.sv.igrejamormon.org *.tg.igrejamormon.org *.th.igrejamormon.org

marmoraria.com *.marmoraria.com *.remote.marmoraria.com *.sitemaps.marmoraria.com

*.amekimbia.nae.au *.chat.nae.au *.children.nae.au *.iinet.nae.au *.kaja.nae.au *.kalibu.nae.au *.kota.nae.au *.kuja.nae.au *.kuogea.nae.au *.ls.nae.au *.me.nae.au *.mkutane.nae.au *.nachat.nae.au nae.au *.nae.au *.nahele.nae.au *.nakahile.nae.au *.nana.nae.au *.naongea.nae.au *.ndooumegombana.nae.au *.ndounaongea.nae.au *.nimekaa.nae.au *.nimeongea.nae.au *.niongee.nae.au *.ongea.nae.au *.sari.nae.au *.sea.nae.au *.siunawasiana.nae.au *.tombana.nae.au *.uko.nae.au *.ulikuwa.nae.au *.umeogea.nae.au *.umeongea.nae.au *.umeshaongea.nae.au *.umetembea.nae.au *.umewasiliana.nae.au *.unaechat.nae.au *.unaechati.nae.au *.unaenda.nae.au *.unaetembea.nae.au *.unakuja.nae.au *.unaudug.nae.au *.unaugomv.nae.au *.unaungana.nae.au *.unawaxiliana.nae.au *.up.nae.au *.upo.nae.au *.ushaongea.nae.au *.ushawasiliana.nae.au *.visa.nae.au *.wamekuja.nae.au *.ww25.nae.au *.zaa.nae.au

*.airflow.ramint.com.au *.demo.ramint.com.au *.old.ramint.com.au *.production.ramint.com.au ramint.com.au *.ramint.com.au

*.arabic.sexies.com sexies.com *.sexies.com

*.gateway.zezer.com zezer.com *.zezer.com