SSL Certificate Analysis for imap.dwea.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=digitalrepositoryauditandcertification.org

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 31, 2026

Valid Until

May 01, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

38:BF:11:57:E0:E5:4F:39:41:EE:33:04:E6:75:BD:C5:6B:64:C4:36:A4:E7:89:54:78:AB:6E:0C:5C:15:48:0D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

dwea.com *.dwea.com *.imap.dwea.com

Other domains in certificate

aa1805.com *.aa1805.com *.web.aa1805.com *.ww25.aa1805.com

bandana.cc *.bandana.cc

buyer-site1.store *.buyer-site1.store *.portal.buyer-site1.store *.random.buyer-site1.store

*.1dfqf7.ccw.com *.3tlz37c0g.ccw.com ccw.com *.ccw.com *.fi6u8n-9.ccw.com *.g6y5dilg8n9kk0vxn5qs.ccw.com *.kelehut.ccw.com *.kpopcchesap.ccw.com *.l9e4vy1a.ccw.com *.pp.ccw.com *.tjzjhw.ccw.com

desiflix.site *.desiflix.site *.netdata.desiflix.site *.nzbget.desiflix.site *.organizr.desiflix.site *.qb.desiflix.site *.radarr.desiflix.site *.tautulli.desiflix.site

digitalrepositoryauditandcertification.org *.digitalrepositoryauditandcertification.org *.webdisk.digitalrepositoryauditandcertification.org *.wiki.digitalrepositoryauditandcertification.org

etotop.click *.etotop.click *.hmdautes.etotop.click *.jfgplcnt.etotop.click *.kwfoespb.etotop.click *.rosjlena.etotop.click *.trjodksh.etotop.click *.wpkucgjw.etotop.click *.ww25.etotop.click *.ww38.etotop.click *.ycekfptq.etotop.click *.ydmfryft.etotop.click *.znbngemn.etotop.click

facetriod.com *.facetriod.com *.ww25.facetriod.com

forene.com *.forene.com

hihe.download *.hihe.download

juaraterusdisini.xyz *.juaraterusdisini.xyz *.ww25.juaraterusdisini.xyz

linuxfab.com *.linuxfab.com *.m.linuxfab.com

*.autoconfig.majusampaibulan33.click majusampaibulan33.click *.majusampaibulan33.click

*.ar.sam.com.mx *.e2.sam.com.mx *.ebusiness.sam.com.mx *.edge.sam.com.mx *.email.sam.com.mx *.ftp.sam.com.mx sam.com.mx *.sam.com.mx *.ww2.sam.com.mx *.ww38.sam.com.mx *.www.sam.com.mx

*.m.strategicstartups.com strategicstartups.com *.strategicstartups.com

*.mail.tierce-gagnant.com *.selfservice.tierce-gagnant.com tierce-gagnant.com *.tierce-gagnant.com *.www.tierce-gagnant.com

wholetthedogsout.com *.wholetthedogsout.com *.ww38.wholetthedogsout.com

*.webdisk.wtshtf.com wtshtf.com *.wtshtf.com