SSL Certificate Analysis for couk.org - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=go-88.club

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 13, 2026

Valid Until

April 13, 2026 56 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3C:EC:5C:DD:3A:57:78:95:71:7E:B3:C5:A8:73:15:17:E9:49:10:06:CE:AD:DD:BA:2A:5B:4B:DE:A2:F3:0D:58

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

couk.org *.couk.org *.ns1.couk.org

Other domains in certificate

animedia.site *.animedia.site *.ww38.animedia.site

capital-recovery.co *.capital-recovery.co *.random.capital-recovery.co *.ww38.capital-recovery.co

cloudimage.xyz *.cloudimage.xyz *.i.cloudimage.xyz *.i2.cloudimage.xyz *.i3.cloudimage.xyz *.i4.cloudimage.xyz *.i5.cloudimage.xyz *.iwebp.cloudimage.xyz

elitetorrent.io *.elitetorrent.io *.ww25.elitetorrent.io

gm678.cc *.gm678.cc *.ww25.gm678.cc

go-88.club *.go-88.club *.ssl.go-88.club *.sslvpn.go-88.club *.website.go-88.club *.www.go-88.club

*.aumonerieducpcontacts.greenzbiobar.com greenzbiobar.com *.greenzbiobar.com *.greenzbiobar.greenzbiobar.com

hvt.au *.hvt.au *.ww38.hvt.au

lavabrick.com *.lavabrick.com

lovepotion.au *.lovepotion.au *.ww17.lovepotion.au *.ww25.lovepotion.au

*.1.mmflix.store *.dooo.mmflix.store *.id.mmflix.store *.maharhome.mmflix.store *.marketbob.mmflix.store mmflix.store *.mmflix.store *.net.mmflix.store *.plan.mmflix.store *.research.mmflix.store *.sngine.mmflix.store *.wowonder.mmflix.store

panerabreak.com *.panerabreak.com *.victory.panerabreak.com

railroad.academy *.railroad.academy *.ww25.railroad.academy

suachitose.online *.suachitose.online *.testing.suachitose.online

*.random.tabitla.store tabitla.store *.tabitla.store

ticketresale.com.au *.ticketresale.com.au *.ww16.ticketresale.com.au *.ww38.ticketresale.com.au

totalwebshied.com *.totalwebshied.com

*.ajudando.uns.au *.library.uns.au *.unityu.uns.au uns.au *.uns.au

*.app.upgrase.com *.hostmaster.upgrase.com upgrase.com *.upgrase.com *.ww25.upgrase.com

usha.au *.usha.au *.ww25.usha.au

*.cdn2.xvideosx.pro *.cdn3.xvideosx.pro xvideosx.pro *.xvideosx.pro