SSL Certificate Analysis for catbox.moe - Security Grade & TLS Configuration

Open Cached · 40m ago

95/100 SECURITY SCORE

Certificate Information

Subject

CN=catbox.moe

Issuer

C=US, O=Let's Encrypt, CN=E8

Valid From

November 14, 2025

Valid Until

February 12, 2026 78 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

ECDSA-SHA384

SHA-256 Fingerprint

62:AC:C2:1B:30:47:BC:33:51:76:40:9A:5E:31:D5:56:6E:71:6E:B0:40:92:E9:7D:E6:80:5F:63:27:31:10:F9

Alternative Names

2 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Good

default-src; connect-src; img-src; +4 more

default-src 'self'; connect-src https://devnull.perfops.net https://*.test.resolver.perfops.net https://test-perfops.wedos.delivery https://cdn.perftest.f5-cloud-demo.com https://test-perfops.blazingcdn.com https://eo-perfops4.qcloudteo.com https://eo-perfops6.qcloudteo.com https://perfops.cloudflareperf.com https://eo-perfops10.qcloudteo.com https://perf-test.sufycdn.com https://eo-perfops8.qcloudteo.com https://cdn.jsdelivr.net https://eo-perfops1.qcloudteo.com https://perf.qinglanbaseunicast.com https://d3888oxgux3fey.cloudfront.net https://eo-static-perfops.qcloudcdn.com https://cdn23602612.ahacdn.me https://rum.perfops.cdb.cdn.orange.com https://perfops.byte-test.com https://akamai-cdn.perfops.io https://eo-static-perfops1.qcloudcdn.com https://cdnperf.cachefly.net https://medianova-cdnperf.mncdn.com https://djlzvy5xcvhxt.cloudfront.net https://1596384882.rsc.cdn77.org https://d161f70cbh7kx6.cloudfront.net https://medianova-cdnvperf.mncdn.com https://cdnperf.vergecloud.com https://perfops.gcorelabs.com https://25748s.ha.azioncdn.net https://test-perfops.haproxy.com https://perfops.swiftycdn.net https://perfops2.byte-test.com https://eo-perfops5.qcloudteo.com https://ultrawaf.canary.scrubbingcenter.com https://eo-perfops9.qcloudteo.com https://cdnperf-rum.cdnetworks.net https://perfops.edge.run https://eo-perfops2.qcloudteo.com https://eo-static-perfops3.qcloudcdn.com https://ovh-cdn.perfops.io https://eo-perfops7.qcloudteo.com https://afdcdnperf-e8aeffg7frd0a3c0.z01.azurefd.net https://proxy.canary.scrubbingcenter.com https://perfops1.b-cdn.net https://perfops-bench.sos-ch-gva-2.exoscale-cdn.com https://eo-perfops3.qcloudteo.com https://perfops-static.freetls.fastly.net https://perfopsrumapi.akamaized.net https://test-perfops.ldgslb.com https://cpt96125.shopvoxpopulus.com https://perfopsrum.akamaized.net https://perfopsrum-eip.akamaized.net https://eo-static-perfops2.qcloudcdn.com https://perfops.test.edgekey.net https://test-perfops.idevops.suijinetworks.com https://cdnperf-rum.quantil.com https://rum.perfops.mdb.cdn.orange.com https://rum-cdn.perfops.net 'self'; img-src 'self' https://quickchart.io https://files.catbox.moe; media-src 'self' https://files.catbox.moe; style-src 'self' 'unsafe-inline'; script-src https://www.google.com https://www.gstatic.com https://cdn.perfops.net 'self' 'unsafe-inline'; frame-src https://www.google.com;

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

same-origin

Permissions-Policy

Present

accelerometer=(),ambient-light-sensor=(),autoplay=(),battery=(),camera=(),display-capture=(),document-domain=(),encrypted-media=(),execution-while-not-rendered=(),execution-while-out-of-viewport=(),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=(),local-fonts=(),magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),publickey-credentials-create=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),speaker-selection=(),storage-access=(),usb=(),web-share=(),xr-spatial-tracking=()

Recommendations

• Strengthen CSP by removing 'unsafe-eval'

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

2 domains

catbox.moe files.catbox.moe

Free Cloud Credits

Get free credits to test cloud platforms