SSL Certificate Analysis for dedicas.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=balajitoursandtravels.in

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 05, 2026

Valid Until

May 06, 2026 78 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C5:77:4D:88:C3:91:A8:9F:2A:90:47:07:17:E3:45:BA:9A:10:89:E5:BC:A8:0B:E6:05:C9:94:C5:CD:E4:47:B9

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

dedicas.com *.dedicas.com *.api.dedicas.com *.email.dedicas.com *.test.dedicas.com

Other domains in certificate

balajitoursandtravels.in *.balajitoursandtravels.in

*.0c08ba4b.bqgmm.com *.133ea1f1.bqgmm.com *.164a2c8a.bqgmm.com *.2f10158c.bqgmm.com *.38352be9.bqgmm.com *.4676.bqgmm.com *.671.bqgmm.com *.675.bqgmm.com *.72cd7e84.bqgmm.com *.821e2b72.bqgmm.com *.91de8158.bqgmm.com *.a0ef8d73.bqgmm.com *.aa945bde.bqgmm.com *.b1a4b42a.bqgmm.com *.becb8597.bqgmm.com bqgmm.com *.bqgmm.com *.c0373aef.bqgmm.com *.c72a9543.bqgmm.com *.ca196f01.bqgmm.com *.d0db88e3.bqgmm.com *.e1a60ee5.bqgmm.com *.ebce60fa.bqgmm.com *.f36ec1cb.bqgmm.com

casehug.info *.casehug.info *.mail.casehug.info

*.25.e19com.com e19com.com *.e19com.com

*.api.ellemae.com ellemae.com *.ellemae.com

*.app.kingjersey.shop *.bigboss.kingjersey.shop *.boss.kingjersey.shop *.dev.kingjersey.shop *.es.kingjersey.shop *.fr.kingjersey.shop *.ftp.kingjersey.shop *.home.kingjersey.shop kingjersey.shop *.kingjersey.shop *.lgaeyww25.kingjersey.shop *.m.kingjersey.shop *.mobile.kingjersey.shop *.news.kingjersey.shop *.pop.kingjersey.shop *.pt.kingjersey.shop *.sitemap.kingjersey.shop *.sitemaps.kingjersey.shop *.wap.kingjersey.shop *.web.kingjersey.shop *.whm.kingjersey.shop *.ww16.kingjersey.shop *.ww25.kingjersey.shop *.www.kingjersey.shop

nicekicksshops.org *.nicekicksshops.org *.ww25.nicekicksshops.org

privateelderlycaregiversseniorcare.online *.privateelderlycaregiversseniorcare.online *.ww38.privateelderlycaregiversseniorcare.online

*.biz.romelia.club *.bookingsite.romelia.club *.de.romelia.club *.edu.romelia.club *.holidayhotel.romelia.club *.promo.romelia.club *.remote.romelia.club romelia.club *.romelia.club *.superior.romelia.club *.test.romelia.club *.uat.romelia.club *.visual.romelia.club *.zaga.romelia.club

*.mail.xn--zbs.com *.share.xn--zbs.com *.test.xn--zbs.com *.ww38.xn--zbs.com xn--zbs.com *.xn--zbs.com