SSL Certificate Analysis for admin.dezeigns.com - Security Grade & TLS Configuration

Open Cached · just now

79/100 SECURITY SCORE

Certificate Information

Subject

CN=07725.loan

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 01, 2026

Valid Until

May 02, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

86:5B:9F:86:E1:AE:51:3E:DA:F5:32:86:CD:7A:B6:1B:47:A8:31:BC:08:0F:73:CD:16:A2:28:7B:2B:7F:24:3B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

dezeigns.com *.dezeigns.com

Other domains in certificate

07725.loan *.07725.loan

13247.academy *.13247.academy

1nfinite.business *.1nfinite.business

20149.academy *.20149.academy

25798.pictures *.25798.pictures

29284.pictures *.29284.pictures

2bedroomapartment742610.icu *.2bedroomapartment742610.icu

43352.pizza *.43352.pizza

52830.co *.52830.co

70350.co *.70350.co

7418821.com *.7418821.com

7starhd.so *.7starhd.so

957yjj301.top *.957yjj301.top

962yjj301.top *.962yjj301.top

963yjj301.top *.963yjj301.top

964clx301.top *.964clx301.top

achatquebec.com *.achatquebec.com

ads-amazon.shop *.ads-amazon.shop

akinacar.com *.akinacar.com

alsegundo.com *.alsegundo.com

audy88now.cyou *.audy88now.cyou

audy88now.lat *.audy88now.lat

bestelectriccars.in *.bestelectriccars.in

blacklightrecon.com *.blacklightrecon.com

bumbuk.com *.bumbuk.com

celebioglultd.com *.celebioglultd.com

chinanewenergy.net *.chinanewenergy.net

clearwaterjourney.archi *.clearwaterjourney.archi

comprehensive-solar-628806103.click *.comprehensive-solar-628806103.click

credit-cards-19788.click *.credit-cards-19788.click

davidleftleygraphics.com *.davidleftleygraphics.com

dechezsoi.com *.dechezsoi.com

dripdjuicecleanse.com.au *.dripdjuicecleanse.com.au

enamoured.com.au *.enamoured.com.au

ever-spring.com *.ever-spring.com

everydayisrecoveryday.com *.everydayisrecoveryday.com

ezbazarbd.com *.ezbazarbd.com

follicularlymphoma106716.icu *.follicularlymphoma106716.icu

fx-momentum.com *.fx-momentum.com

garmbiatrade.com *.garmbiatrade.com

greensmoothieguide.com *.greensmoothieguide.com

grekapitatogo.com *.grekapitatogo.com

hilt.com.au *.hilt.com.au

imustangs.com *.imustangs.com