SSL Certificate Analysis for app.fox789.vin - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=35154.loan

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 04, 2026

Valid Until

July 03, 2026 51 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

44:8D:54:E0:11:E5:1C:CB:B5:39:CE:DE:1B:85:1E:C3:AA:4C:CB:5D:8B:E5:58:55:A7:36:34:F1:13:92:8C:11

Alternative Names

88 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains

fox789.vin *.fox789.vin

Other domains in certificate

00217.loan *.00217.loan

0534.loan *.0534.loan

18999.loan *.18999.loan

20287.top *.20287.top

23199.locker *.23199.locker

23657.delivery *.23657.delivery

26743149.vip *.26743149.vip

26761766.vip *.26761766.vip

26764.locker *.26764.locker

27s6.cc *.27s6.cc

29519.locker *.29519.locker

296564.club *.296564.club

33324.top *.33324.top

35154.loan *.35154.loan

35694.top *.35694.top

35894.buzz *.35894.buzz

89111159.cc *.89111159.cc

abcde.toys *.abcde.toys

dfgshg.cc *.dfgshg.cc

dmjcahrjltqhlpuyaouy.com *.dmjcahrjltqhlpuyaouy.com

earthfirstalliancegroup.org *.earthfirstalliancegroup.org

exig2f.top *.exig2f.top

fergus-macdonald.com *.fergus-macdonald.com

fgijk.com *.fgijk.com

finedisc.com *.finedisc.com

forgeguardian364.top *.forgeguardian364.top

gamerworld.io *.gamerworld.io

geaml.town *.geaml.town

gpt5.fund *.gpt5.fund

guefq.help *.guefq.help

hceul.app *.hceul.app

hwdw.in *.hwdw.in

immediateaiurex.com *.immediateaiurex.com

ip9.pro *.ip9.pro

kffvd.app *.kffvd.app

lead-generation-companies.click *.lead-generation-companies.click

propjunctione.com *.propjunctione.com

qhigce.loan *.qhigce.loan

ranemhanquoc.com *.ranemhanquoc.com

rhof4j.top *.rhof4j.top

smokealmost.net *.smokealmost.net

swiftaction.click *.swiftaction.click

talenthafenhamburg.com *.talenthafenhamburg.com