SSL Certificate Analysis for skillvesto.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=dementoto.co

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 20, 2026

Valid Until

August 18, 2026 67 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

98:D2:85:A0:14:61:5D:58:4E:48:33:7C:79:BE:3E:BF:70:81:C9:97:A9:8D:C6:B0:94:63:3F:F4:A5:83:64:C7

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

skillvesto.com *.skillvesto.com

Other domains in certificate

33052.one *.33052.one

35641.xyz *.35641.xyz

379862.one *.379862.one

98896.xyz *.98896.xyz

98t67.xyz *.98t67.xyz

americanvultures.com *.americanvultures.com

bigbet89.com *.bigbet89.com

cbdspeech.com *.cbdspeech.com

chainedescape.com *.chainedescape.com

contras.top *.contras.top

cpalosangelesca.com *.cpalosangelesca.com

crazy-joker.online *.crazy-joker.online

crazy-joker.site *.crazy-joker.site

crma2a.com *.crma2a.com *.demo.crma2a.com

dd692uam.xyz *.dd692uam.xyz

ddmy355.pro *.ddmy355.pro

*.blog.dementoto.co dementoto.co *.dementoto.co

dtshot8.com *.dtshot8.com

duitpreman69.us *.duitpreman69.us

ecoden.co *.ecoden.co

fitnessrefine.club *.fitnessrefine.club

fjfjg8w2p.top *.fjfjg8w2p.top

gidonline.inc *.gidonline.inc

gloryshoe.info *.gloryshoe.info

gossipdistinct.xyz *.gossipdistinct.xyz

heavenandearthretreats.com *.heavenandearthretreats.com

herax.xyz *.herax.xyz

hpcntt.cc *.hpcntt.cc

hydrofence.com *.hydrofence.com

isekai4d.com *.isekai4d.com

jcselection.com *.jcselection.com

kapriss.my *.kapriss.my

kievfood.com *.kievfood.com

kizmall.com *.kizmall.com

langzeit-auto-mieten.sbs *.langzeit-auto-mieten.sbs

myfreemp33.com *.myfreemp33.com

prostalon.com *.prostalon.com

sansver.org *.sansver.org

seriticollection.com *.seriticollection.com

thediyprofessional.xyz *.thediyprofessional.xyz

universal-marketoptions.live *.universal-marketoptions.live

uppsaladirekt.com *.uppsaladirekt.com

vhrxdrr1044.vip *.vhrxdrr1044.vip