SSL Certificate Analysis for test.cezali.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=lamperno.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 05, 2026

Valid Until

May 06, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

34:C4:77:51:BA:8B:F4:C8:5E:A1:7F:5F:44:4F:24:7A:7C:2C:2A:B3:95:9C:4F:86:D4:B9:25:B6:40:6C:45:B5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

cezali.com *.cezali.com *.api.cezali.com *.forums.cezali.com *.help.cezali.com *.hostmaster.cezali.com *.mail.cezali.com *.test.cezali.com *.ww25.cezali.com

Other domains in certificate

0759lxx.com *.0759lxx.com *.w.0759lxx.com

*.12.8762.my 8762.my *.8762.my

campionidipoker.com *.campionidipoker.com *.dashboards.campionidipoker.com

*.app.celebi.it celebi.it *.celebi.it *.dev.celebi.it

*.5003.harborfreightsyf.com harborfreightsyf.com *.harborfreightsyf.com

integramenti.it *.integramenti.it *.mx.integramenti.it

lamperno.com *.lamperno.com *.www.lamperno.com

*.crm.letrerosluminosos.com letrerosluminosos.com *.letrerosluminosos.com

mobchance.com *.mobchance.com

*.bet365-resultados.nfcbs.com *.comprovante-de-pix-falso-pdf.nfcbs.com *.criar-qr-code-pix-nubank.nfcbs.com *.esporte-da-sorte-aposta.nfcbs.com *.f12.nfcbs.com *.historia-do-esporte.nfcbs.com *.jogos-antigos-online.nfcbs.com *.jogos-biblicos-online.nfcbs.com *.jogos-de-sinuca-online.nfcbs.com *.jogos-do-mario-online.nfcbs.com nfcbs.com *.nfcbs.com *.pansudo-poker-vip-apostas.nfcbs.com *.pix-tem-limite-de-valor.nfcbs.com *.racismo-no-esporte-redacao.nfcbs.com *.regras-da-roleta.nfcbs.com *.stake-com-apostas.nfcbs.com *.tj-sport-bet.nfcbs.com *.twin-strangers.nfcbs.com *.visto-b1.nfcbs.com

*.gateway.omegabibleinstitute.net omegabibleinstitute.net *.omegabibleinstitute.net *.www.omegabibleinstitute.net

*.chat.pizza-sushi-express.top *.dashboard.pizza-sushi-express.top *.dev2.pizza-sushi-express.top pizza-sushi-express.top *.pizza-sushi-express.top *.prod.pizza-sushi-express.top *.ru.pizza-sushi-express.top *.stg.pizza-sushi-express.top

*.mx2.pornjb.com pornjb.com *.pornjb.com *.sslvpn.pornjb.com

*.api.sukhoo.com sukhoo.com *.sukhoo.com *.test.sukhoo.com *.ww17.sukhoo.com

*.sex.vedois.com vedois.com *.vedois.com *.xnxx.vedois.com *.xxx.vedois.com *.xxxxx.vedois.com

vetement-chaussure.com *.vetement-chaussure.com *.ww25.vetement-chaussure.com

*.cpcontacts.zuazuaresorts.com *.hlvdhfrdewquiomn.zuazuaresorts.com zuazuaresorts.com *.zuazuaresorts.com