SSL Certificate Analysis for ww2.docysign.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=davai.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 11, 2026

Valid Until

July 10, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7D:A4:83:96:15:B3:3D:A2:64:1C:E9:F8:B4:64:D9:86:45:03:2D:B7:6D:45:0D:53:54:37:5B:31:6E:68:C5:B5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

docysign.com *.docysign.com *.ww2.docysign.com

Other domains in certificate

1065yjj301.top *.1065yjj301.top *.785b6e30145f48c63ac2d2a48a58d07c.1065yjj301.top

22346898.top *.22346898.top *.95lw2.22346898.top *.96c54.22346898.top *.dn930.22346898.top *.hrka1.22346898.top *.ip4i2.22346898.top *.kp5po.22346898.top *.l8kqx.22346898.top *.pwb3b.22346898.top *.q86h5.22346898.top *.v6j6e.22346898.top *.vizaseq.22346898.top

4lz.info *.4lz.info *.api.4lz.info *.aws.4lz.info *.blog.4lz.info *.dev.4lz.info *.ftp.4lz.info *.hu.4lz.info *.laravel.4lz.info *.mx.4lz.info

635709.com *.635709.com *.jnmal.635709.com

bkgbethesda.com *.bkgbethesda.com

davai.it *.davai.it

divineartjewels.com *.divineartjewels.com *.maloo.divineartjewels.com

f64439928.com *.f64439928.com *.wwww.f64439928.com

httpnetfree2.cc *.httpnetfree2.cc *.ww16.httpnetfree2.cc

*.api.mailbus.me *.auth-mijndomein.mailbus.me mailbus.me *.mailbus.me *.renew-zoho.mailbus.me *.ww38.mailbus.me

*.calendar.navern.com *.checker.navern.com navern.com *.navern.com *.smartstore.navern.com

*.62eb16d6-9962-4213-8c3e-72f8f34c51f0.nhloutlet9.shop *.admin.nhloutlet9.shop *.api.nhloutlet9.shop *.app.nhloutlet9.shop *.assets.nhloutlet9.shop *.demo.nhloutlet9.shop *.dev.nhloutlet9.shop *.docs.nhloutlet9.shop *.external.nhloutlet9.shop *.hostmaster.nhloutlet9.shop *.intranet.nhloutlet9.shop *.mail.nhloutlet9.shop *.members.nhloutlet9.shop nhloutlet9.shop *.nhloutlet9.shop *.scwdhphcuqassets.nhloutlet9.shop *.share.nhloutlet9.shop *.sharepoint.nhloutlet9.shop *.test.nhloutlet9.shop

rammerhead.eu *.rammerhead.eu

targpro.com *.targpro.com

*.hostmaster.viniitaliani.com *.mail.viniitaliani.com *.owa.viniitaliani.com *.random.viniitaliani.com viniitaliani.com *.viniitaliani.com

*.apps.vitamin-d.net *.evo.vitamin-d.net *.quxrutest.vitamin-d.net vitamin-d.net *.vitamin-d.net