SSL Certificate Analysis for postmaster.dayofwar.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=durgachalisapdf.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 23, 2026

Valid Until

August 21, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DC:38:D9:D8:CB:1A:91:18:8C:9E:27:BF:8A:33:15:74:8F:E8:51:AF:43:6F:E1:DD:72:34:F8:E5:A3:B1:EF:B4

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

dayofwar.it *.dayofwar.it *.access.dayofwar.it *.autoconfig.dayofwar.it *.clientesvpn.dayofwar.it *.connect.dayofwar.it *.eposta.dayofwar.it *.exchangecorp.dayofwar.it *.exchmail.dayofwar.it *.forum.dayofwar.it *.hostmaster.dayofwar.it *.imap.dayofwar.it *.mc.dayofwar.it *.msexch2k13.dayofwar.it *.play.dayofwar.it *.postmaster.dayofwar.it *.rds.dayofwar.it *.smail.dayofwar.it *.ssl.dayofwar.it *.store.dayofwar.it *.supporto.dayofwar.it *.svpnph.dayofwar.it *.ts.dayofwar.it *.ts3.dayofwar.it *.vpn-ext.dayofwar.it

Other domains in certificate

*.4729521.47992.xyz 47992.xyz *.47992.xyz *.7885561.47992.xyz *.8ffp6x.47992.xyz *.d.47992.xyz *.lxejpj2zfz.47992.xyz *.mailer.47992.xyz *.mqvoswfu.47992.xyz *.q2s8t.47992.xyz *.xfqdademo.47992.xyz

867878.vip *.867878.vip *.api.867878.vip *.backup.867878.vip *.dashboard.867878.vip *.intranet.867878.vip *.j447n3.867878.vip *.mail.867878.vip *.mailer.867878.vip *.marketing.867878.vip *.nfpraxbrczqki.867878.vip *.nxiukmarketing.867878.vip *.public.867878.vip *.qa.867878.vip *.qmaimuat.867878.vip *.secure.867878.vip *.staging.867878.vip *.stg.867878.vip *.uat.867878.vip *.v1.867878.vip *.v2.867878.vip *.vip.867878.vip *.web.867878.vip *.wert2j.867878.vip *.xbrczqki.867878.vip

bokepindo21.top *.bokepindo21.top *.prod.bokepindo21.top

durgachalisapdf.com *.durgachalisapdf.com *.stage.durgachalisapdf.com *.www.durgachalisapdf.com

e5484391.vip *.e5484391.vip *.stage.e5484391.vip

*.app.fnmainland.net fnmainland.net *.fnmainland.net *.stage.fnmainland.net *.ww25.fnmainland.net *.www.fnmainland.net

*.api.onchainperson.com *.git.onchainperson.com onchainperson.com *.onchainperson.com *.vpn.onchainperson.com *.www.onchainperson.com

*.admin.shint.it *.api.shint.it *.checkout.shint.it *.owa.shint.it shint.it *.shint.it *.www.shint.it