SSL Certificate Analysis for admin.exmcharge.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=godeady.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 14, 2026

Valid Until

August 12, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

62:9B:D4:2E:23:C2:FE:65:6C:33:0D:6E:99:C7:91:87:87:61:BD:7A:BB:BF:78:6F:C9:6B:35:CA:FF:7D:7F:43

Alternative Names

88 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains

exmcharge.com *.exmcharge.com *.admin.exmcharge.com *.ftp.exmcharge.com *.intranet.exmcharge.com *.localhost.exmcharge.com *.m.exmcharge.com *.shop.exmcharge.com

Other domains in certificate

bcy02.com *.bcy02.com *.random.bcy02.com

castration.com.au *.castration.com.au *.ww38.castration.com.au

cherishedtouch.com *.cherishedtouch.com *.m.cherishedtouch.com *.om.cherishedtouch.com

desipodcast.com.au *.desipodcast.com.au *.ww17.desipodcast.com.au

*.9.dotpp.net dotpp.net *.dotpp.net *.lyrical.dotpp.net *.minivip.dotpp.net *.thsims.dotpp.net *.ww38.dotpp.net

femlittext.click *.femlittext.click *.uxp7qj.femlittext.click

globalbaptist.org *.globalbaptist.org *.sitemap.globalbaptist.org

godeady.com *.godeady.com *.img.godeady.com *.makina.godeady.com *.s1.godeady.com *.ww16.godeady.com *.ww25.godeady.com

greatwolodge.com *.greatwolodge.com

*.bbcri.hatchforsenate.com hatchforsenate.com *.hatchforsenate.com *.remote.hatchforsenate.com *.v1.hatchforsenate.com

inote.com.au *.inote.com.au *.ww16.inote.com.au

mygogo.it *.mygogo.it *.remote.mygogo.it *.staging.mygogo.it *.www.mygogo.it

*.crm.photodepo.com *.marketing.photodepo.com photodepo.com *.photodepo.com

*.owa.pressionefiscale.com pressionefiscale.com *.pressionefiscale.com *.remote.pressionefiscale.com

pwo.au *.pwo.au

*.mail.qrcodeth.com qrcodeth.com *.qrcodeth.com *.random.qrcodeth.com

rinjani.com *.rinjani.com *.sajan.rinjani.com

*.rastreamento.seucorreios.org seucorreios.org *.seucorreios.org

themunozorganization.com *.themunozorganization.com

usaetrc.com *.usaetrc.com *.ww16.usaetrc.com

wearing.au *.wearing.au

*.backup.xn--rgmakinesi-dcb8e.com *.bmniclra.xn--rgmakinesi-dcb8e.com *.hpzsiy.xn--rgmakinesi-dcb8e.com xn--rgmakinesi-dcb8e.com *.xn--rgmakinesi-dcb8e.com