SSL Certificate Analysis for guctekmakina.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=sunlightsolar.am

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

October 27, 2025

Valid Until

January 25, 2026 72 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

5C:DD:24:44:92:AC:AF:D6:D8:DA:99:FE:43:29:5E:46:2F:D6:F5:8F:65:71:D3:E3:D8:0C:6E:4D:0D:A0:25:36

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

guctekmakina.com

Other domains in certificate

staging.app.cupcake.29k.org

invite.agendaboa.com

xrm-ex.ahash.dev

amwellamg.com

www.ayangadpal.com

aylton.dev

www.begoapp.com

bngo.app

schedulermtlvans.boxknight.com

brandonkenter.com

buttocks.online

www.camerabreaker.in

kiosk.cleanbox.co.il

ramverma-portfolio.co.in

manage-stg.vonder.co.th

www.codebase.org

codeshare.in

conversionharmony.se

cribbenhillanalytics.com

ctk.app

delestine.com

www.easyprocesspa.com

eatenbypixels.com

test.eldapilates.com

expresstrucksales.com

www.ezzioffer.app

uat-dlinks.farther.com

fedmich.com

membership.fraternityindia.org

gigahome.cloud

admin.qa.apps.globant.com

admin.go2work.com

www.goodhopewa.com

textlist.halfeld.dk

howard.games

i-predict.it

www.immogluecklich.com

infinitytechniques.com

dev.reports.infusioncenter.org

singlecelldb.irepertoire.com

itas-cloud.com

jm-assessoria.com

image-game-prototype.joedalton.io

joelogs.com

fellowship-kentucky.clients.joinpromise.com

site.jotz.app

www.clientes.k-9apps.com

games.kulakovdmitr.com

lair-of-cerberus.com

ods.leandrodasilva.dev

alert.livewatchcentral.com

motospotbw.com

www.mynutritionstation.com

app.nemando.is

nerdchakra.com

portal.noknokgroceries.com

www.nullify.uno

seats.opentix.life

oscardanielotero.dev

partimerinc.com

hartree.portal.plenadata.com

www.plthub.app

cdm.prachakij.com

www.progressivemerchstore.com

apps.public-plus.jp

re-ality.co.uk

reactnativemarket.com

lentheta.resourcez.org

rugcityindia.com

refer.rummytime.com

sangarsamaj.com

www.sathiyaraman-m.com

savedby.io

app.semidiyug.com

simpleappli.com

singinglessonsyork.co.uk

sm24h.com

link.staging-saraya-totalhealth.com

sunlightsolar.am

superhappytech.com

synthelize.com

chef.takein.com

test-offer.terass.dev

thenerdlabs.dev

thisorthatplus.com

links-uat.trybench.com

www.plus.tryginger.app

valtpay.io

dashboard.video-recruit.app

kotlin-dependency-injection.vstrs.dev

www.wana-bros.com

wegetbread.xyz

woosart.com

worldtrade.vip

wowdevelop.ru

wreathology.co

www.yourebeyondbeauty.com

zapthematch.com

boilerplate.zkblock.app