SSL Certificate Analysis for yourtxasbenefits.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=zd108.be

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 03, 2026

Valid Until

April 03, 2026 75 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

26:68:3A:6E:63:C6:E7:BF:AE:1C:71:FD:F9:4A:3A:3C:C2:32:70:A1:4F:6E:CE:85:1F:07:DF:27:BC:C7:1C:D9

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

yourtxasbenefits.com *.yourtxasbenefits.com *.mx7.yourtxasbenefits.com *.ns1.yourtxasbenefits.com *.w.yourtxasbenefits.com

Other domains in certificate

applianceaddition.website *.applianceaddition.website

atelier-act.be *.atelier-act.be

avtomobili.com *.avtomobili.com

boutike.es *.boutike.es

brotbacken-online.de *.brotbacken-online.de

caoni.be *.caoni.be

clothingmetrics.us *.clothingmetrics.us *.mail.clothingmetrics.us

*.crm.rrw.com.pl *.mail.mdf.com.pl mdf.com.pl *.mdf.com.pl rrw.com.pl *.rrw.com.pl

dhx4d.me *.dhx4d.me

drivesafedrivingschool.co.uk *.drivesafedrivingschool.co.uk

feeeelled.info *.feeeelled.info *.ms-14.feeeelled.info

*.321sexchat-pprivate.fiktok.fun fiktok.fun *.fiktok.fun *.gay-chat.fiktok.fun

fitnest.store *.fitnest.store

fqerai.com *.fqerai.com

fraise.online *.fraise.online *.status.fraise.online

godheart.tv *.godheart.tv

hadese.com *.hadese.com

*.alpha.homemademoviestube.com homemademoviestube.com *.homemademoviestube.com *.hostmaster.homemademoviestube.com *.ww25.homemademoviestube.com

*.cld.intelligentsia.live *.ext.intelligentsia.live intelligentsia.live *.intelligentsia.live *.qa.intelligentsia.live *.vodafonebusiness.intelligentsia.live

kingford.com *.kingford.com

*.ftp.loginuang4d.com loginuang4d.com *.loginuang4d.com

*.dev.openhakcnl.space openhakcnl.space *.openhakcnl.space *.web.openhakcnl.space

qdrag.com *.qdrag.com

*.hostmaster.raleys.co raleys.co *.raleys.co *.ww25.raleys.co

shopitbazar.store *.shopitbazar.store

strainer.au *.strainer.au

vetodebate.space *.vetodebate.space

*.comxxex.xxvxa.com *.random.xxvxa.com *.ww38.xxvxa.com *.xxex.xxvxa.com xxvxa.com *.xxvxa.com

*.afhaal.zd108.be *.mx.zd108.be zd108.be *.zd108.be