SSL Certificate Analysis for exitfund.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=rockinbabe.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 21, 2026

Valid Until

July 20, 2026 75 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C4:7E:8A:1D:E9:7B:75:65:8B:D4:73:78:D7:5D:51:89:E7:91:D7:60:6E:3A:A7:C7:E9:E0:E4:4D:DF:13:1B:10

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

exitfund.net *.exitfund.net *.backend.exitfund.net

Other domains in certificate

1092yhc301.top *.1092yhc301.top *.kwid9.1092yhc301.top

alderclifferidingestablishment.co.uk *.alderclifferidingestablishment.co.uk *.ww25.alderclifferidingestablishment.co.uk

bellaparma.com.br *.bellaparma.com.br *.ns1.bellaparma.com.br *.ww25.bellaparma.com.br

*.analytics.biskuit.click biskuit.click *.biskuit.click *.cpanel.biskuit.click *.ww25.biskuit.click

bofrosr.de *.bofrosr.de *.hr.bofrosr.de *.random.bofrosr.de

bradleymedia.org *.bradleymedia.org

cheapsell.life *.cheapsell.life

*.5c45ec46-d1d9-4c5e-ad53-e8386f6f437a.ffffc.hair *.backup.ffffc.hair *.dev.ffffc.hair *.edit.ffffc.hair ffffc.hair *.ffffc.hair *.omsk.ffffc.hair *.staging.ffffc.hair *.uat.ffffc.hair

frontlineedint.tech *.frontlineedint.tech *.morpheus-lite.frontlineedint.tech

*.adblock.gamehit247.biz gamehit247.biz *.gamehit247.biz *.web.gamehit247.biz

info-bob.com *.info-bob.com

jptube.sbs *.jptube.sbs *.ww25.jptube.sbs

*.bookings.laloft.com.au laloft.com.au *.laloft.com.au

*.anzio.librecrypt.eu *.carcare.librecrypt.eu *.cartignano.librecrypt.eu *.castelfranco-veneto.librecrypt.eu *.chiampo.librecrypt.eu *.divignano.librecrypt.eu *.legnano.librecrypt.eu librecrypt.eu *.librecrypt.eu *.malo.librecrypt.eu *.opera.librecrypt.eu *.pinerolo.librecrypt.eu *.rocca-di-papa.librecrypt.eu *.sanfre.librecrypt.eu *.sant-anna-d-alfaedo.librecrypt.eu

*.mail.moviehd-master.com moviehd-master.com *.moviehd-master.com *.www.moviehd-master.com

*.blackhole.oreremainlya.club *.brands.oreremainlya.club *.chase.oreremainlya.club *.dealer.oreremainlya.club *.dns11.oreremainlya.club *.esp.oreremainlya.club *.formations.oreremainlya.club *.investigacion.oreremainlya.club *.mobileapps.oreremainlya.club oreremainlya.club *.oreremainlya.club *.random.oreremainlya.club *.synergy.oreremainlya.club *.talent.oreremainlya.club *.websearch.oreremainlya.club *.wildcard.oreremainlya.club

rockinbabe.com *.rockinbabe.com *.www.rockinbabe.com

storeepicgames.com *.storeepicgames.com