SSL Certificate Analysis for mail.winderemere.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=reilas.de

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 27, 2026

Valid Until

July 26, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

14:73:E2:69:B1:34:9C:78:C6:5A:F7:D5:8B:8A:6A:BA:00:0F:5F:5A:75:E5:8C:74:9E:19:08:05:62:22:DE:F7

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

winderemere.com *.winderemere.com *.edp.winderemere.com *.glw.winderemere.com *.mail.winderemere.com *.marilynfrench.winderemere.com *.ww17.winderemere.com *.xl.winderemere.com

Other domains in certificate

anvil-metal-pounders-union.com *.anvil-metal-pounders-union.com *.portal.anvil-metal-pounders-union.com *.ww16.anvil-metal-pounders-union.com

atfxd.info *.atfxd.info *.b043e8a5-b0b3-4619-a061-fe29b9850b5f.atfxd.info *.bmin.atfxd.info *.go.atfxd.info *.hm.atfxd.info *.ki.atfxd.info *.old.atfxd.info *.post.atfxd.info

benhome.com *.benhome.com

*.business.dragonsgatetattoo.com dragonsgatetattoo.com *.dragonsgatetattoo.com

famed.com.au *.famed.com.au *.mx.famed.com.au *.ww25.famed.com.au

*.cpanel.honeycombkits.com honeycombkits.com *.honeycombkits.com *.ww25.honeycombkits.com *.ww38.honeycombkits.com

icalling.com *.icalling.com

*.es.jerkmate.cm jerkmate.cm *.jerkmate.cm *.random.jerkmate.cm

lojashoppe.site *.lojashoppe.site *.ww38.lojashoppe.site

*.auth.nightmarefuel.com *.careers.nightmarefuel.com *.cd.nightmarefuel.com *.in.nightmarefuel.com *.music.nightmarefuel.com nightmarefuel.com *.nightmarefuel.com *.ru.nightmarefuel.com *.s.nightmarefuel.com *.shop.nightmarefuel.com *.sms.nightmarefuel.com *.themes.nightmarefuel.com *.us.nightmarefuel.com

*.pay.professionalpaintingne.com professionalpaintingne.com *.professionalpaintingne.com

*.mail.reilas.de reilas.de *.reilas.de *.son.reilas.de *.trainig.reilas.de *.training.reilas.de

slotsout.net *.slotsout.net *.ww38.slotsout.net

togelfiesta2024.com *.togelfiesta2024.com *.ww25.togelfiesta2024.com *.www.togelfiesta2024.com

*.ftp.zawya90.net *.ins-dev.zawya90.net *.mail.zawya90.net zawya90.net *.zawya90.net

*.2p3udo.zs7167.com *.admin.zs7167.com *.app.zs7167.com *.backend.zs7167.com *.beta.zs7167.com *.chat.zs7167.com *.d8ab906d-fa75-45cf-a89e-1d3c329bfab0.zs7167.com *.my.zs7167.com *.rustore.zs7167.com zs7167.com *.zs7167.com