SSL Certificate Analysis for maximu.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=dimensionlock.online

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

December 08, 2025

Valid Until

March 08, 2026 41 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C0:7A:AA:FF:73:09:05:38:51:17:2D:19:FB:E6:5A:C0:29:A1:08:86:3B:33:CC:43:0E:CB:2B:7C:55:DA:0D:05

Alternative Names

85 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

85 domains

maximu.com *.maximu.com *.omes.maximu.com *.ww38.maximu.com

Other domains in certificate

755restaurants.com *.755restaurants.com *.blog.755restaurants.com *.random.755restaurants.com

anyxxx.asia *.anyxxx.asia *.source-4.anyxxx.asia

*.bk.dimensionlock.online dimensionlock.online *.dimensionlock.online *.m.dimensionlock.online *.map.dimensionlock.online *.rustore.dimensionlock.online

dsl.com.au *.dsl.com.au *.power.dsl.com.au *.quik.dsl.com.au *.rho.dsl.com.au *.swift.dsl.com.au

*.chat.flightjub.com flightjub.com *.flightjub.com *.preprod.flightjub.com

flowgrow.online *.flowgrow.online

*.dekes.gambled.com gambled.com *.gambled.com *.secure.gambled.com

googelsearch.com *.googelsearch.com *.random.googelsearch.com

havestright.com *.havestright.com *.random.havestright.com

*.admin.missives2.com *.mailbox.missives2.com missives2.com *.missives2.com

*.aff.mtcampaign.com *.affiliate.mtcampaign.com *.api.mtcampaign.com *.co.mtcampaign.com *.com.mtcampaign.com *.in.mtcampaign.com *.inr.mtcampaign.com *.instant.mtcampaign.com *.lifafa.mtcampaign.com *.m.mtcampaign.com mtcampaign.com *.mtcampaign.com *.net.mtcampaign.com *.princemuneeb.mtcampaign.com *.pub.mtcampaign.com *.sycomuneeb.mtcampaign.com *.web.mtcampaign.com *.ww25.mtcampaign.com

offroadtrailers.com.au *.offroadtrailers.com.au

*.backup.oysee.com *.blog.oysee.com *.mx01.oysee.com oysee.com *.oysee.com

somosbelcorp.co *.somosbelcorp.co *.wwbuw.somosbelcorp.co

*.cdm.totemtourism.com *.random.totemtourism.com totemtourism.com *.totemtourism.com *.zsj.totemtourism.com

*.chat.vallymls.com vallymls.com *.vallymls.com

*.ghmobile.walittleathletics.com.au *.random.walittleathletics.com.au *.src.walittleathletics.com.au *.sz.walittleathletics.com.au walittleathletics.com.au *.walittleathletics.com.au