SSL Certificate Analysis for hostmaster.txws.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=sobeach.net

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 22, 2026

Valid Until

August 20, 2026 75 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C7:21:70:CF:9A:3F:31:89:B1:EB:7A:FB:BA:6A:DF:02:78:7F:1E:93:7F:6E:6E:23:9D:71:15:EC:2C:4F:95:F9

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

txws.net *.txws.net *.analytics.txws.net *.cssb.txws.net *.dash.txws.net *.ebmail.txws.net *.hostmaster.txws.net *.intelligence.txws.net *.jcisd.txws.net *.m.txws.net *.mail.txws.net *.mx.txws.net *.out.txws.net *.qtpqiebmail.txws.net *.relay.txws.net *.smtp.txws.net *.smtpauth.txws.net *.smtps.txws.net *.static.txws.net *.superset.txws.net *.vpn.txws.net *.webmail.txws.net *.www.txws.net

Other domains in certificate

52gao10794s.cc *.52gao10794s.cc

*.004.hotimail.com *.08.hotimail.com *.09122006.hotimail.com *.123.hotimail.com *.17.hotimail.com *.2013.hotimail.com *.212.hotimail.com *.222.hotimail.com *.34.hotimail.com *.45.hotimail.com *.5.hotimail.com *.741.hotimail.com *.77.hotimail.com *.90.hotimail.com *.99.hotimail.com *.amo.hotimail.com *.bruce.hotimail.com *.bt.hotimail.com *.camargo.hotimail.com *.cat.hotimail.com *.com.hotimail.com *.dabloca.hotimail.com *.deli.hotimail.com *.demais.hotimail.com *.eduarda.hotimail.com *.example.hotimail.com *.facebook.hotimail.com *.fariassilva.hotimail.com *.gata.hotimail.com *.gatao.hotimail.com *.gatinha.hotimail.com *.gedik.hotimail.com *.gg231.hotimail.com *.gumacoisa.hotimail.com *.higiene.hotimail.com hotimail.com *.hotimail.com *.imap4.hotimail.com *.ips.hotimail.com *.klicic.hotimail.com *.linda.hotimail.com *.mail.hotimail.com *.nando.hotimail.com *.nervoso.hotimail.com *.oliveira.hotimail.com *.owa.hotimail.com *.pal.hotimail.com *.pc.hotimail.com *.ribeiro.hotimail.com *.s22.hotimail.com *.sanches-furlan.hotimail.com *.sasuke.hotimail.com *.sq.hotimail.com *.ta.hotimail.com *.uol.hotimail.com *.vertente.hotimail.com *.www.hotimail.com

*.mx2.sobeach.net *.owa.sobeach.net sobeach.net *.sobeach.net *.vpn.sobeach.net *.ww.sobeach.net *.ww2.sobeach.net *.www.sobeach.net