SSL Certificate Analysis for ssl.benamor.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=benamor.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 09, 2026

Valid Until

May 10, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EB:88:A2:F1:1B:45:83:AD:D8:78:24:86:4D:E2:2E:53:74:37:EC:23:E6:72:96:27:C5:25:96:BD:AA:3F:E3:49

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

benamor.com *.benamor.com *.authsmtp.benamor.com *.backup.benamor.com *.blog.benamor.com *.connect.benamor.com *.crm.benamor.com *.demo.benamor.com *.gateway.benamor.com *.hostmaster.benamor.com *.imap-mail.benamor.com *.mail.benamor.com *.mail1.benamor.com *.mail4.benamor.com *.mobileconnect.benamor.com *.ms1.benamor.com *.officevpn.benamor.com *.rds.benamor.com *.rds1.benamor.com *.rdweb.benamor.com *.remote.benamor.com *.remote2.benamor.com *.secure.benamor.com *.server2.benamor.com *.sitemap.benamor.com *.sitemaps.benamor.com *.ssl.benamor.com *.sslvpn3.benamor.com *.studentsvpn.benamor.com *.vpn.benamor.com *.vpn2.benamor.com *.vpn3.benamor.com *.vpnssl.benamor.com

Other domains in certificate

*.adguard.boldvekra.com boldvekra.com *.boldvekra.com

dongma.com *.dongma.com

*.bingo.dumps.com *.cisco.dumps.com *.cum.dumps.com dumps.com *.dumps.com *.instagram.dumps.com *.json.dumps.com *.lead2pass.dumps.com *.legit.dumps.com

klinikkelamin.co *.klinikkelamin.co *.nk.klinikkelamin.co

*.5ea875a6-887e-43b1-826e-f54554332295.quickdeal.sbs *.community.quickdeal.sbs *.ftp.quickdeal.sbs *.localhost.quickdeal.sbs *.mail.quickdeal.sbs quickdeal.sbs *.quickdeal.sbs *.webmail.quickdeal.sbs

shilajitchews.com *.shilajitchews.com *.store.shilajitchews.com *.zfqiwshop.shilajitchews.com

*.admin.yamunanagar.com *.api.yamunanagar.com *.app.yamunanagar.com *.assets.yamunanagar.com *.c3.yamunanagar.com *.dev.yamunanagar.com *.edge.yamunanagar.com *.efotunm.yamunanagar.com *.m.yamunanagar.com *.members.yamunanagar.com *.nm.yamunanagar.com *.sitemap.yamunanagar.com *.sitemaps.yamunanagar.com *.test.yamunanagar.com yamunanagar.com *.yamunanagar.com

*.cpcalendars.zhanewhite.com *.ftp.zhanewhite.com *.gp.zhanewhite.com *.lime.zhanewhite.com *.m.zhanewhite.com *.mail.zhanewhite.com *.sitemap.zhanewhite.com *.webmail.zhanewhite.com *.whm.zhanewhite.com *.www.zhanewhite.com zhanewhite.com *.zhanewhite.com