SSL Certificate Analysis for rentemas.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=innovationalp.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

December 11, 2025

Valid Until

March 11, 2026 76 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F3:6C:1A:E3:3A:C4:7D:05:5F:8B:8E:CA:3A:2A:C9:61:F0:15:50:80:D9:64:1B:A1:F4:CC:B7:4D:34:30:E6:BC

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

rentemas.com

Other domains in certificate

partnerdemo1.app2.1on1navi.com

2022.ng-de.org

aaronhe.ca

www.actuaryfellows.com

akira-tomoko.com

www.aledjones.net

appnotfallpaket.aljoma.at

www.baddybreakdowns.com

casetaguarapo.bracelit.es

myintros.bubbletea.cloud mypolls.bubbletea.cloud mystandups.bubbletea.cloud

bypal.net

app.cartacacador.pt

www.catche.in

link.checkle.com

www.sunpower.com.hk

www.tekbahadurshrestha1.com.np

deeplink.10110.dev

dmasters.in

web.ebusaka.com

www.encuron.sk

www.enterdobrasil.com.br

www.fabiangadau.com

apphirer.famyle.com

auth.featherplanner.com

www.fpvbuddy.app

www.frostburgstatecamps.com

www.gotecapp.com

gpaelevator.com

app.link.graindiscovery.com

hack-rpg.hackforplay.xyz

harano.com.br

hasenhuttl.app

hizzysphotos.com

www.holzbau-freyer.de

innothenics.com

innovationalp.com

jigyasaiitbhu.in

joshcoles.com

kinderlytics.com

app.kramtyksveikai.lt

purchase.kropai.com

lendit.life

lom-bard.kz

lumipowell.com

masebtech.com

hr.four.mayaholdportal.com hr.one.mayaholdportal.com hr.three.mayaholdportal.com

mercadodepases.club

miniprofe.com.mx

mipig.cafe

mob.invtracking.mor.company

www.nikudoushi-fukushima2.com

nryn.in

test.app.nuaxia.com

okioapp.com

oleksiikarachynskyi.com

omneimneh.com

namakkal.onewaydroptaxie.com

jeffersoncountywa.opendata.report

ops51.com

pro.organizeat.com

www.particle-text.com

pevitech.com

admin.plusoneworldwide.com

app.projectfreedom.xyz

www.prologue-nola.com

repomean.com

www.residuum-carbon.com.br

saacsportsclub.com

www.samuel-hreha.tech

mts-pesri-kendari.sch.id

www.see-in-ar.com

customerapp.simpayx.com

sizechart.app

www.app.solotrvlr.com

api.somostera.com

www.soumission-avantageuse.ca

spagnolettaconstruction.com

staff.staciksmp.com

www.recoleta.sushi2x1.com.ar

swap-eat.fr

www.thefakerestaurant.com

threeprint.de

tournero.app

audio.trinityrochester.org

uradiochannel.com

www.veryfyglobal.com

cadeaux.vuidart.com

authdev.w2s2.com

cms.wejha.com

admin.workleague.se

www.deeplink.10110.dev

xgoo.gl

m.zajil-express.org

zer0q.com

zowaralbait.com