SSL Certificate Analysis for checkyoursuper.au - Security Grade & TLS Configuration

Open Cached · just now

79/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=dpstream.icu

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

December 19, 2025

Valid Until

March 19, 2026 32 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

07:FC:4A:F2:FE:C9:81:88:1B:62:78:66:AD:24:6E:04:1F:5D:5E:DB:62:0B:D9:E4:B0:9E:68:CC:FF:39:A8:12

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

checkyoursuper.au *.checkyoursuper.au *.go.checkyoursuper.au *.info.checkyoursuper.au *.secure.checkyoursuper.au

Other domains in certificate

antasymansion.co *.antasymansion.co *.ww25.antasymansion.co

*.api.cncpa.com cncpa.com *.cncpa.com *.hostmaster.cncpa.com *.imap.cncpa.com *.owa.cncpa.com

*.birthday.cousteau.studio *.clients.cousteau.studio cousteau.studio *.cousteau.studio *.imec.cousteau.studio *.random.cousteau.studio *.ziegfeld-follies.cousteau.studio *.ziegfeld.cousteau.studio

*.analytics-sandbox.daftsex.bet *.d0f9e3f6-618c-49a5-b5cb-2efb62dec1cb.daftsex.bet daftsex.bet *.daftsex.bet *.dev.daftsex.bet *.insight.daftsex.bet *.new.daftsex.bet *.prod.daftsex.bet *.staging.daftsex.bet *.wildcard.daftsex.bet *.ww16.daftsex.bet *.ww2.daftsex.bet *.ww25.daftsex.bet *.ww38.daftsex.bet

dpstream.icu *.dpstream.icu *.ww.dpstream.icu *.ww16.dpstream.icu *.ww25.dpstream.icu *.ww3.dpstream.icu *.ww38.dpstream.icu

*.38.fullscholarsintel.online *.cotland.fullscholarsintel.online *.cpcalendars.fullscholarsintel.online fullscholarsintel.online *.fullscholarsintel.online *.mail.fullscholarsintel.online *.norway.fullscholarsintel.online *.scotland.fullscholarsintel.online *.webdisk.fullscholarsintel.online *.ww25.fullscholarsintel.online

*.admin.independentsportssupply.com independentsportssupply.com *.independentsportssupply.com *.m.independentsportssupply.com *.old.independentsportssupply.com *.ww16.independentsportssupply.com *.ww38.independentsportssupply.com

*.com.soremen.com *.dy.soremen.com *.httdy.soremen.com *.httpsdy.soremen.com soremen.com *.soremen.com *.ws.soremen.com *.wss.soremen.com

*.random.thatsquatbot.com *.server.thatsquatbot.com thatsquatbot.com *.thatsquatbot.com *.ww25.thatsquatbot.com

*.a7e7e69c-ba06-4e55-bb38-19bd1ce54f0b.wallpaperdesigner.net *.api.wallpaperdesigner.net *.cloud.wallpaperdesigner.net *.dev.wallpaperdesigner.net *.rd.wallpaperdesigner.net *.rds.wallpaperdesigner.net *.uat.wallpaperdesigner.net *.vpn.wallpaperdesigner.net wallpaperdesigner.net *.wallpaperdesigner.net *.www.wallpaperdesigner.net

*.wildcard.xmoviesfortou.com *.ww25.xmoviesfortou.com *.ww38.xmoviesfortou.com xmoviesfortou.com *.xmoviesfortou.com