SSL Certificate Analysis for durecttv.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=capitalswans.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 09, 2026

Valid Until

July 08, 2026 34 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A5:85:99:8C:F0:5B:A3:CF:F0:6A:0B:8B:43:06:D0:0B:8A:87:4F:FB:46:21:47:14:27:F4:5E:32:59:B3:2C:1D

Alternative Names

80 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

80 domains

durecttv.com *.durecttv.com *.blog.durecttv.com *.random.durecttv.com *.ww25.durecttv.com

Other domains in certificate

capitalswans.com *.capitalswans.com

*.2.dubx.tech *.a.dubx.tech *.aging.dubx.tech *.backup.dubx.tech dubx.tech *.dubx.tech *.hiljchostmaster.dubx.tech *.hostmaster.dubx.tech *.inst.dubx.tech *.marketing.dubx.tech *.ujdpv2.dubx.tech *.uperset.dubx.tech *.v1.dubx.tech *.v2.dubx.tech

*.blog.ehthosa.com ehthosa.com *.ehthosa.com *.log.ehthosa.com *.www.ehthosa.com

janxyxy.space *.janxyxy.space

kmeps2.site *.kmeps2.site

memberdic.com *.memberdic.com

mmslot77.com *.mmslot77.com

mu-2003.tech *.mu-2003.tech *.ww38.mu-2003.tech

plixorion.site *.plixorion.site

*.app.rentagirlfriend.club rentagirlfriend.club *.rentagirlfriend.club *.wwww.rentagirlfriend.club

slotwin68games.click *.slotwin68games.click

sykaaa-rola.sbs *.sykaaa-rola.sbs *.wildcard.sykaaa-rola.sbs

teatrojorgeisaacs.co *.teatrojorgeisaacs.co *.ww25.teatrojorgeisaacs.co

truecoach.io *.truecoach.io

*.devialet-ci.villedegrandbassam.com *.job.villedegrandbassam.com villedegrandbassam.com *.villedegrandbassam.com *.webmail.villedegrandbassam.com

*.api.xnh14.xyz *.app.xnh14.xyz *.assets.xnh14.xyz *.backup.xnh14.xyz *.cicd.xnh14.xyz *.dashboard.xnh14.xyz *.demo.xnh14.xyz *.dev.xnh14.xyz *.gateway.xnh14.xyz *.mail.xnh14.xyz *.mailer.xnh14.xyz *.marketing.xnh14.xyz *.qa.xnh14.xyz *.rustore.xnh14.xyz *.secure.xnh14.xyz *.staging.xnh14.xyz *.test.xnh14.xyz *.uat.xnh14.xyz *.ww25.xnh14.xyz *.ww38.xnh14.xyz xnh14.xyz *.xnh14.xyz