SSL Certificate Analysis for eclipse.cruzeiro.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=thefauz.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 09, 2026

Valid Until

July 08, 2026 38 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7E:A6:BC:31:16:09:2E:25:1D:C5:6F:D4:15:F5:95:A9:5D:CA:D8:07:D5:A0:4B:16:6D:63:22:F2:50:FE:FE:66

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

cruzeiro.com *.cruzeiro.com *.a.cruzeiro.com *.acesso.cruzeiro.com *.ajuda.cruzeiro.com *.canal.cruzeiro.com *.ce.cruzeiro.com *.clube.cruzeiro.com *.delivibes.cruzeiro.com *.do.cruzeiro.com *.eclipse.cruzeiro.com *.escola.cruzeiro.com *.eusou.cruzeiro.com *.ge.cruzeiro.com *.ingresso.cruzeiro.com *.ingressos.cruzeiro.com *.juv.cruzeiro.com *.lyncdiscover.cruzeiro.com *.magnetisms.cruzeiro.com *.minhacara.cruzeiro.com *.paypal-mail.cruzeiro.com *.remote.cruzeiro.com *.sipexternal.cruzeiro.com *.suacara.cruzeiro.com *.visitante.cruzeiro.com *.webvpn.cruzeiro.com *.ww6.cruzeiro.com *.x.cruzeiro.com

Other domains in certificate

aitextspeech.com *.aitextspeech.com *.random.aitextspeech.com *.www1.aitextspeech.com *.www6.aitextspeech.com

*.cnfr9.fairbird.xyz *.eu3rm.fairbird.xyz fairbird.xyz *.fairbird.xyz *.hgsq5.fairbird.xyz *.ks0v9.fairbird.xyz *.kwid9.fairbird.xyz

*.admin.pastaway.it *.analytic.pastaway.it *.api.pastaway.it *.backend.pastaway.it *.dashboards.pastaway.it *.dev.pastaway.it *.hostmaster.pastaway.it pastaway.it *.pastaway.it *.remote.pastaway.it *.staging.pastaway.it *.www.pastaway.it

*.274dc2ef-e627-4a68-ae78-6ff0acc54b29.powercommonsense.com *.64d682cc-93e2-456b-9750-c7bc4b67b863.powercommonsense.com *.a.powercommonsense.com *.app.powercommonsense.com *.dev.powercommonsense.com *.m.powercommonsense.com powercommonsense.com *.powercommonsense.com *.www.powercommonsense.com

thefauz.com *.thefauz.com *.ww38.thefauz.com

*.1.trebet.win *.api.trebet.win *.app.trebet.win *.assets.trebet.win *.backoffice.trebet.win *.cabinet.trebet.win *.cb66188a-aa60-4a9d-a7b4-81774d33c53a.trebet.win *.demo.trebet.win *.dev.trebet.win *.f17747ca-029e-4eed-b5fe-c041bf476f22.trebet.win *.fca5dd1a-3215-4f57-a579-c4466fcde411.trebet.win *.fkfuarustore.trebet.win *.hostmaster.trebet.win *.mqyfvrustore.trebet.win *.rustore.trebet.win *.send.trebet.win *.sso.trebet.win *.test.trebet.win *.testing.trebet.win trebet.win *.trebet.win *.www.trebet.win

uscsd.com *.uscsd.com *.www.uscsd.com