SSL Certificate Analysis for mx02.zxez.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=muhn1.net

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 14, 2026

Valid Until

April 14, 2026 61 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AB:DE:2E:52:95:89:C7:82:4B:51:F3:87:09:96:3E:E8:FC:14:46:92:0B:91:E3:9D:D0:22:D1:E0:DE:B6:E0:65

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

zxez.com *.zxez.com *.g.zxez.com *.gf.zxez.com *.mx02.zxez.com *.server.zxez.com *.store.zxez.com *.w.zxez.com *.ww25.zxez.com

Other domains in certificate

artdeko.online *.artdeko.online *.shop.artdeko.online

azstatejobs.org *.azstatejobs.org *.govinfo.azstatejobs.org *.random.azstatejobs.org

*.b51eabe8fd70808e.cilitiantang2034.xyz cilitiantang2034.xyz *.cilitiantang2034.xyz *.e7d473c0a8a2db19.cilitiantang2034.xyz *.www.cilitiantang2034.xyz

*.aniqmail.connectionphase.com connectionphase.com *.connectionphase.com *.itsecuresource.connectionphase.com *.securesource.connectionphase.com *.test.connectionphase.com

cuidandolasalud.site *.cuidandolasalud.site *.random.cuidandolasalud.site *.ww16.cuidandolasalud.site

dailyhealthnews.xyz *.dailyhealthnews.xyz *.jobbumps.dailyhealthnews.xyz *.stylenameworld.dailyhealthnews.xyz *.technewsdaily.dailyhealthnews.xyz *.technewsfun.dailyhealthnews.xyz *.technewsreviews.dailyhealthnews.xyz *.technewstrend.dailyhealthnews.xyz *.technewsups.dailyhealthnews.xyz *.technewsweek.dailyhealthnews.xyz *.technewsworld.dailyhealthnews.xyz *.www.dailyhealthnews.xyz

despertandooemagrecimento.com.br *.despertandooemagrecimento.com.br *.t.despertandooemagrecimento.com.br *.ww16.despertandooemagrecimento.com.br

dziennikarstwo.com *.dziennikarstwo.com *.hostmaster.dziennikarstwo.com *.software.dziennikarstwo.com *.ww1.dziennikarstwo.com *.ww17.dziennikarstwo.com *.ww25.dziennikarstwo.com

lumau2.com *.lumau2.com *.sport.lumau2.com *.ww17.lumau2.com *.ww38.lumau2.com

mapit.store *.mapit.store *.panel.mapit.store

*.launcher.muhn1.net *.market.muhn1.net muhn1.net *.muhn1.net *.ww38.muhn1.net *.www.muhn1.net

southmusic.live *.southmusic.live *.ww38.southmusic.live

*.mail.symplithebest.com symplithebest.com *.symplithebest.com *.website.symplithebest.com *.ww25.symplithebest.com

*.chat.vilba.com *.dev2.vilba.com *.home.vilba.com *.milen.vilba.com *.moodle.vilba.com *.mx.vilba.com *.pop3.vilba.com *.s.vilba.com *.school.vilba.com vilba.com *.vilba.com

youthjamaica.com *.youthjamaica.com