SSL Certificate Analysis for unmul.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=unmul.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

March 30, 2026

Valid Until

June 28, 2026 53 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

38:06:CA:4D:A4:3A:09:93:B7:79:DF:1A:D3:17:C9:1B:D5:FB:B8:B1:D7:A9:2D:EE:3E:90:11:37:D5:D2:B4:1A

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

unmul.com *.unmul.com *.ac.unmul.com *.alfian.unmul.com *.ff.unmul.com *.fisip.unmul.com *.sia.unmul.com

Other domains in certificate

91abc.xyz *.91abc.xyz *.aa.91abc.xyz *.akt.91abc.xyz *.at.91abc.xyz *.qun.91abc.xyz *.ww17.91abc.xyz

*.ap.collgeboard.com *.apstudent.collgeboard.com *.apstuduent.collgeboard.com *.clep.collgeboard.com collgeboard.com *.collgeboard.com *.profileonline.collgeboard.com *.tea.collgeboard.com *.ww16.collgeboard.com *.ww38.collgeboard.com

datenwiederupher.com *.datenwiederupher.com *.web2.datenwiederupher.com

e2bot.site *.e2bot.site *.ww25.e2bot.site

*.acczvd.hsyy9.skin *.affrka.hsyy9.skin *.bcb.hsyy9.skin *.cdqslt.hsyy9.skin *.cim.hsyy9.skin *.dgtwom.hsyy9.skin *.dkylpd.hsyy9.skin *.ewksuw.hsyy9.skin *.ewvcdj.hsyy9.skin *.fhfkpn.hsyy9.skin hsyy9.skin *.hsyy9.skin *.ioluow.hsyy9.skin *.lipquv.hsyy9.skin *.lll.hsyy9.skin *.mtruzu.hsyy9.skin *.nqu.hsyy9.skin *.rxtvyz.hsyy9.skin *.sku.hsyy9.skin *.vfyhix.hsyy9.skin

*.14.mt89.mom mt89.mom *.mt89.mom

*.088ea4fd-87e8-4221-9b25-ba97aecb65e3.oltexas.com *.admin.oltexas.com *.api.oltexas.com *.app.oltexas.com *.assets.oltexas.com *.b4640c21-be6e-4db4-a286-4d2755077df3.oltexas.com *.b95b6ae2-cae7-4490-b625-71dd8955f072.oltexas.com *.hostmaster.oltexas.com *.intranet.oltexas.com *.mail.oltexas.com oltexas.com *.oltexas.com *.portal.oltexas.com *.shop.oltexas.com *.store.oltexas.com *.vpn.oltexas.com *.www.oltexas.com

portally3.xyz *.portally3.xyz

*.3f6a10be85e3.record.fm *.karpova.record.fm *.random.record.fm record.fm *.record.fm

*.random.taping-online.pl taping-online.pl *.taping-online.pl *.ww16.taping-online.pl *.ww25.taping-online.pl

thcvapestore.org *.thcvapestore.org *.www.thcvapestore.org

*.hostmaster.vagaro.co *.mysite.vagaro.co vagaro.co *.vagaro.co *.www.vagaro.co