SSL Certificate Analysis for hostmaster.douleurs.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=binzerbenefitgroup2.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 07, 2026

Valid Until

May 08, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

48:BF:2A:EF:C2:D0:EC:36:45:0C:77:B7:6C:D5:48:CB:0A:2B:C5:C2:B9:B4:14:72:77:6D:DE:F5:A4:FF:3A:97

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

douleurs.com *.douleurs.com *.demo.douleurs.com *.hostmaster.douleurs.com

Other domains in certificate

airuan.com *.airuan.com *.blog.airuan.com *.demo.airuan.com *.hostmaster.airuan.com

anazonprime.com *.anazonprime.com

austensharp.com *.austensharp.com *.blog.austensharp.com *.remote.austensharp.com *.secure.austensharp.com

*.1d07db73-e449-4eb8-aea8-f1cc6b646c97.binzerbenefitgroup2.com *.api.binzerbenefitgroup2.com *.app.binzerbenefitgroup2.com binzerbenefitgroup2.com *.binzerbenefitgroup2.com *.store.binzerbenefitgroup2.com *.vpn.binzerbenefitgroup2.com

casasanjuan.com *.casasanjuan.com *.forums.casasanjuan.com *.random.casasanjuan.com *.rustore.casasanjuan.com *.sslvpn2.casasanjuan.com

chinarxbook.com *.chinarxbook.com

*.amhtcbzojey2sune4it9cfrccj.farfaris.com farfaris.com *.farfaris.com *.fchuam65t5zmcnjdj65l4fjy3k.farfaris.com *.id4xo9d4g2z9c2uhwwidibzvmk.farfaris.com *.uvonitlqfcmvsb2z3od33exq2b.farfaris.com

ginbroker.com *.ginbroker.com *.ww.ginbroker.com *.ww38.ginbroker.com

*.autodiscover.hotelcostaportals.com hotelcostaportals.com *.hotelcostaportals.com

ilike.design *.ilike.design *.staging.ilike.design

kielce.it *.kielce.it *.ksenia.kielce.it

kiswah-towers-595224216.click *.kiswah-towers-595224216.click

luxetravelmoments.xyz *.luxetravelmoments.xyz

*.m.paneli.net *.mail.paneli.net paneli.net *.paneli.net

propertyforsale.net *.propertyforsale.net

qs587.xyz *.qs587.xyz *.ww25.qs587.xyz *.ww38.qs587.xyz

*.ai.toolwiz.online *.amb.toolwiz.online *.anva.toolwiz.online *.cpanel.toolwiz.online *.cpcalendars.toolwiz.online *.cpcontacts.toolwiz.online *.email.toolwiz.online *.kart.toolwiz.online *.mail.toolwiz.online *.seo.toolwiz.online toolwiz.online *.toolwiz.online *.web.toolwiz.online *.webdisk.toolwiz.online *.webmail.toolwiz.online *.ww25.toolwiz.online

*.extra.undercover.life *.mx.undercover.life undercover.life *.undercover.life

*.admin.vibetpro.life *.ezetpexternal.vibetpro.life *.store.vibetpro.life vibetpro.life *.vibetpro.life *.www.vibetpro.life