SSL Certificate Analysis for arizala.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=yougen.online

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 19, 2026

Valid Until

May 20, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

9D:48:78:BE:54:06:D5:5A:26:06:CB:C7:72:7A:3B:77:E2:51:EB:38:E7:D8:7D:AC:24:94:5D:D3:54:26:BC:2C

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

arizala.com *.arizala.com *.maritza.arizala.com

Other domains in certificate

criz.website *.criz.website *.flowise.criz.website

*.admin.discounteyeglasses.it *.api.discounteyeglasses.it *.dashboard.discounteyeglasses.it *.dashs.discounteyeglasses.it *.demo.discounteyeglasses.it discounteyeglasses.it *.discounteyeglasses.it *.stats.discounteyeglasses.it

ebiopay.com *.ebiopay.com *.m.ebiopay.com *.vpn.ebiopay.com *.www.ebiopay.com

*.3b69009a-c6e1-4f1b-aab3-67a01ceb2179.gillianforwi.com gillianforwi.com *.gillianforwi.com *.spring.gillianforwi.com *.storage.gillianforwi.com *.wildcard.gillianforwi.com

goal.sx *.goal.sx *.live.goal.sx *.sitemaps.goal.sx *.test.goal.sx

*.app.hiita.se *.dasaprakash.hiita.se hiita.se *.hiita.se *.mail.hiita.se *.minasidor.hiita.se *.www.hiita.se *.www42.hiita.se

lina.cc *.lina.cc

lonehub.info *.lonehub.info *.star.lonehub.info

*.ldcardsubdomaintoprocess.mlbcoin.club mlbcoin.club *.mlbcoin.club *.wildcardsubdomaintoprocess.mlbcoin.club *.www.mlbcoin.club

*.dns.new8816.net *.doh1.new8816.net new8816.net *.new8816.net

*.b5hyr.nsa75.top nsa75.top *.nsa75.top *.rczhl.nsa75.top *.s5kjz.nsa75.top *.zruod.nsa75.top

*.cg4o5.powerfullspin.xyz *.intranet.powerfullspin.xyz *.l8kqx.powerfullspin.xyz powerfullspin.xyz *.powerfullspin.xyz *.s5kjz.powerfullspin.xyz *.v3ywp.powerfullspin.xyz

*.qasralawani.shopro.co shopro.co *.shopro.co

vendorshop.store *.vendorshop.store *.ww25.vendorshop.store

*.test.work-hunter.com work-hunter.com *.work-hunter.com *.ww25.work-hunter.com *.www.work-hunter.com

*.kncgyfke.wwwssyangj.com *.oixomadx.wwwssyangj.com *.smqyhnza.wwwssyangj.com *.sporyretpzvo.wwwssyangj.com *.uamaxidj.wwwssyangj.com *.vithasinttalehjon.wwwssyangj.com wwwssyangj.com *.wwwssyangj.com *.yoyhtopm.wwwssyangj.com *.zspxajwf.wwwssyangj.com

*.random.yougen.online yougen.online *.yougen.online