SSL Certificate Analysis for beta.duchar.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=kazimaydin.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 07, 2026

Valid Until

May 08, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

03:BE:08:C5:53:6E:F2:19:52:F5:06:27:34:A6:BD:B9:E7:41:33:26:7C:2F:FC:2C:85:B0:FF:5C:AD:C7:D9:DB

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

duchar.com *.duchar.com *.admin.duchar.com *.api.duchar.com *.beta.duchar.com *.crm.duchar.com *.dev.duchar.com *.forums.duchar.com *.mail.duchar.com *.test.duchar.com *.ww38.duchar.com *.ww5.duchar.com

Other domains in certificate

adictivos.com *.adictivos.com *.amores.adictivos.com

ashitey.com *.ashitey.com *.backup.ashitey.com *.crm.ashitey.com *.demo.ashitey.com *.dev.ashitey.com *.mail.ashitey.com *.test.ashitey.com *.ww1.ashitey.com

ayxtiyu-tyapp.com *.ayxtiyu-tyapp.com *.www.ayxtiyu-tyapp.com

barbequeshack.com *.barbequeshack.com *.ww38.barbequeshack.com

*.0f5fcf46-d824-410b-8df8-8913dcc053ca.btbuy.com btbuy.com *.btbuy.com

cameltoer.com *.cameltoer.com *.server.cameltoer.com *.ww25.cameltoer.com

*.billing.free-ned.club *.bmail.free-ned.club *.change.free-ned.club *.customer.free-ned.club *.customers.free-ned.club *.demo.free-ned.club *.dev.free-ned.club *.email.free-ned.club free-ned.club *.free-ned.club *.login.free-ned.club *.mail.free-ned.club *.relay.free-ned.club *.rustore.free-ned.club *.utlook.free-ned.club *.ww38.free-ned.club *.www.free-ned.club

*.bcpidz.hls9.motorcycles *.cegrqw.hls9.motorcycles *.dgz.hls9.motorcycles *.dhwjvt.hls9.motorcycles *.etyjpc.hls9.motorcycles hls9.motorcycles *.hls9.motorcycles

*.b2b.kazimaydin.com *.ceri.kazimaydin.com *.demo1.kazimaydin.com *.demo2.kazimaydin.com *.djaskdjajfa.kazimaydin.com *.guzelliksalonu2.kazimaydin.com *.guzelliksalonu3.kazimaydin.com *.karacademo.kazimaydin.com kazimaydin.com *.kazimaydin.com *.makeup1.kazimaydin.com *.makeup2.kazimaydin.com *.melisadenemesite.kazimaydin.com *.mevludekaracademo.kazimaydin.com *.spa1.kazimaydin.com *.spa2.kazimaydin.com *.spa3.kazimaydin.com *.tatto1.kazimaydin.com *.webtegram.kazimaydin.com *.xn--gzelliksalonu1-gsb.kazimaydin.com *.xn--kuafr1-zxa.kazimaydin.com *.xn--kuafr2-zxa.kazimaydin.com *.yoga2.kazimaydin.com

toto5g.click *.toto5g.click

*.m.tqys.cc tqys.cc *.tqys.cc