SSL Certificate Analysis for app.streamingeast.live - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=daleel.store

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 07, 2026

Valid Until

May 08, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

33:D0:58:38:75:2A:42:3F:2C:D6:3F:A7:5D:43:9C:CE:E0:17:E9:1E:CE:57:CA:2F:A4:51:EC:85:B3:50:32:2E

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

streamingeast.live *.streamingeast.live *.admin.streamingeast.live *.app.streamingeast.live *.broomtts.streamingeast.live *.emv1.streamingeast.live *.random.streamingeast.live *.sitemap.streamingeast.live *.sitemaps.streamingeast.live *.wildcard.streamingeast.live *.ww1.streamingeast.live

Other domains in certificate

aragitkaroniiosdalenwise.cyou *.aragitkaroniiosdalenwise.cyou *.hostmaster.aragitkaroniiosdalenwise.cyou *.localhost.aragitkaroniiosdalenwise.cyou *.mail.aragitkaroniiosdalenwise.cyou *.staging.aragitkaroniiosdalenwise.cyou *.www.aragitkaroniiosdalenwise.cyou

benefbarec.online *.benefbarec.online *.ww25.benefbarec.online *.ww38.benefbarec.online

daleel.store *.daleel.store *.mail.daleel.store

*.development.disboard.xyz disboard.xyz *.disboard.xyz *.flow.disboard.xyz *.gogs.disboard.xyz *.jenkins.disboard.xyz *.uat.disboard.xyz *.ww25.disboard.xyz

fearfullyandwonderfullymade.store *.fearfullyandwonderfullymade.store *.pay.fearfullyandwonderfullymade.store

habibibooks.com *.habibibooks.com *.lms.habibibooks.com *.remote.habibibooks.com *.secure.habibibooks.com *.stg.habibibooks.com

horsel.info *.horsel.info *.ww25.horsel.info

*.es.jg-gaming.co jg-gaming.co *.jg-gaming.co

lscards.co *.lscards.co *.ww25.lscards.co

*.admin.mobileexpress.club *.hotfix.mobileexpress.club *.m.mobileexpress.club mobileexpress.club *.mobileexpress.club *.production.mobileexpress.club *.ww.mobileexpress.club *.ww1.mobileexpress.club *.www.mobileexpress.club

*.16bz5.new8822.top *.8r9pg.new8822.top *.c42dca46-e272-4607-a6db-d6ebca0f134a.new8822.top *.css.new8822.top *.db1.new8822.top *.discussion.new8822.top *.docu.new8822.top *.eu3rm.new8822.top *.forum.new8822.top *.fu1fc.new8822.top *.fz4qv.new8822.top *.g22y8.new8822.top *.gitlab.new8822.top *.health.new8822.top *.invoice.new8822.top *.lmdxurhawxmio.new8822.top new8822.top *.new8822.top *.node.new8822.top *.nodejs.new8822.top *.nslow.new8822.top *.oahlw.new8822.top *.pay.new8822.top *.slfpx89wkp.new8822.top *.sso.new8822.top *.wsct4.new8822.top *.x7pal.new8822.top

novabokt-mmc.online *.novabokt-mmc.online