SSL Certificate Analysis for admin.debitt.cards - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=debitt.cards

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 28, 2026

Valid Until

July 27, 2026 75 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

24:55:AD:B3:D0:DA:57:16:65:C8:F9:6C:C8:2B:E5:50:47:D0:7A:32:DE:75:05:38:32:CE:DD:92:31:FF:0E:8F

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

debitt.cards *.debitt.cards *.admin.debitt.cards *.api.debitt.cards *.app.debitt.cards *.b3808f44-31f4-455e-8430-97913119ce22.debitt.cards *.b6c012d4-4d07-43d7-bcbe-b7ce275aa959.debitt.cards *.card.debitt.cards *.catalog.debitt.cards *.dash.debitt.cards *.dashboard.debitt.cards *.demo.debitt.cards *.dev.debitt.cards *.hlfkvtest.debitt.cards *.hostmaster.debitt.cards *.log.debitt.cards *.members.debitt.cards *.mx1.debitt.cards *.staging.debitt.cards *.test.debitt.cards *.user.debitt.cards *.web1.debitt.cards

Other domains in certificate

eupublication.com *.eupublication.com *.m.eupublication.com *.sitemap.eupublication.com *.www.eupublication.com

*.beta-superset.mavicenter.com *.control.mavicenter.com mavicenter.com *.mavicenter.com *.mhpsouxe.mavicenter.com *.smtp.mavicenter.com *.ssl.mavicenter.com *.vpn.mavicenter.com *.www.mavicenter.com

*.cloud.meclizine.org *.dev.meclizine.org *.m.meclizine.org meclizine.org *.meclizine.org *.rd.meclizine.org *.remote.meclizine.org

*.admin.online-colleges-that-provide-laptops-2.cfd *.kafka.online-colleges-that-provide-laptops-2.cfd online-colleges-that-provide-laptops-2.cfd *.online-colleges-that-provide-laptops-2.cfd *.www.online-colleges-that-provide-laptops-2.cfd *.zawhsx1ucfb9c816.online-colleges-that-provide-laptops-2.cfd

*.com.students4epiclife.com students4epiclife.com *.students4epiclife.com

*.help.taxfraud.net *.hostmaster.taxfraud.net taxfraud.net *.taxfraud.net *.vpn.taxfraud.net *.whm.taxfraud.net

*.analytic-preprod.to88.club *.data-uat.to88.club *.dltpk.to88.club *.fjstycp36x7kjj.to88.club *.jdbcylcwz.to88.club *.ljbylcgwz.to88.club to88.club *.to88.club *.ww25.to88.club