SSL Certificate Analysis for vestagas.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=statespeak.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 17, 2026

Valid Until

August 15, 2026 74 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B5:40:59:D9:C0:E9:99:B1:81:62:72:26:C2:80:7F:B5:E9:15:AB:6E:B3:88:9D:A2:07:29:7F:3D:1B:FE:BD:56

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

vestagas.com *.vestagas.com *.sitemaps.vestagas.com *.venus.vestagas.com

Other domains in certificate

*.api.ciids.org ciids.org *.ciids.org *.demo.ciids.org *.dev.ciids.org *.hostmaster.ciids.org *.insta.ciids.org

*.14.d9e.cc *.15.d9e.cc d9e.cc *.d9e.cc

*.demo.dogrufikir.info dogrufikir.info *.dogrufikir.info *.sitemap.dogrufikir.info *.sitemaps.dogrufikir.info *.test.dogrufikir.info *.xnpbjsitemap.dogrufikir.info

*.api.fithomie.vote *.app.fithomie.vote *.backup.fithomie.vote *.dev.fithomie.vote fithomie.vote *.fithomie.vote *.mail.fithomie.vote *.staging.fithomie.vote *.www.fithomie.vote

fun88onlinecasino.club *.fun88onlinecasino.club

gaming-pc-3.sbs *.gaming-pc-3.sbs

*.2chhg3.hookedgummies.com *.api.hookedgummies.com *.app.hookedgummies.com hookedgummies.com *.hookedgummies.com

*.argo.ilmessaggero.com ilmessaggero.com *.ilmessaggero.com *.informazionefiscale.ilmessaggero.com *.reporting.ilmessaggero.com *.songkick.ilmessaggero.com *.ww42.ilmessaggero.com *.youtube.ilmessaggero.com

*.4700faae-fb6c-45b0-a681-77ae954853bb.kannadigas.org *.api.kannadigas.org *.dev.kannadigas.org *.i4rx2w.kannadigas.org kannadigas.org *.kannadigas.org

*.ackfwncdy.moenet.au *.intranet.moenet.au moenet.au *.moenet.au

naturea.fr *.naturea.fr

*.m.roosem.com roosem.com *.roosem.com *.wwww.roosem.com

statespeak.com *.statespeak.com

*.app.wherefourhqoutreach.co *.demo.wherefourhqoutreach.co wherefourhqoutreach.co *.wherefourhqoutreach.co

*.13.x2e.com *.14.x2e.com *.15.x2e.com *.16.x2e.com *.3yvxsy3f1.x2e.com *.classifiedmarketplaceonline.x2e.com *.cople.x2e.com *.hsqge4w.x2e.com *.lgtmobile.x2e.com *.qis.x2e.com *.secure.x2e.com x2e.com *.x2e.com

*.7de54223-2e39-4d36-9eca-a1f442feaf97.xn--168-1klj2o5b.life *.api.xn--168-1klj2o5b.life *.dev.xn--168-1klj2o5b.life *.n8qwuh.xn--168-1klj2o5b.life *.staging.xn--168-1klj2o5b.life xn--168-1klj2o5b.life *.xn--168-1klj2o5b.life