SSL Certificate Analysis for fcp.com.pl - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=158bet.bet

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 30, 2026

Valid Until

April 30, 2026 74 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3C:11:3D:6E:8C:62:4C:C4:D7:80:19:6A:87:DD:E4:F4:86:FB:43:E9:EF:BA:93:A9:5B:A3:95:54:C8:F4:D3:B5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

fcp.com.pl *.fcp.com.pl *.demo.fcp.com.pl *.dev.fcp.com.pl *.hostmaster.fcp.com.pl *.relay1.fcp.com.pl *.staging.fcp.com.pl

Other domains in certificate

158bet.bet *.158bet.bet *.argo-beta.158bet.bet *.ci.158bet.bet *.data.158bet.bet

500px.pro *.500px.pro *.apc.500px.pro *.b.500px.pro *.c.500px.pro *.hpbidmev.500px.pro *.hwt.500px.pro *.lz6.500px.pro *.s.500px.pro *.www.500px.pro

australiannews.net.au *.australiannews.net.au

autorisierteagentur.de *.autorisierteagentur.de *.wildcard.autorisierteagentur.de

checkingseo.com *.checkingseo.com *.ww1.checkingseo.com *.ww38.checkingseo.com

*.chat.fiestatexas.com fiestatexas.com *.fiestatexas.com

horizonnjhealh.com *.horizonnjhealh.com *.www.horizonnjhealh.com

jzsp156.com *.jzsp156.com *.sitemap.jzsp156.com

*.hd.kino-2024.info kino-2024.info *.kino-2024.info

lawyerinformation.co *.lawyerinformation.co *.mail.lawyerinformation.co

makadem.com *.makadem.com *.ww25.makadem.com

*.api.medicalnegligenceclaim.com.au medicalnegligenceclaim.com.au *.medicalnegligenceclaim.com.au

mposlot2121.net *.mposlot2121.net *.ww25.mposlot2121.net

*.5d21voseaj.singingman.us *.9d655f68-1137-4bfd-8052-8218d64adeb6.singingman.us *.api.singingman.us *.app.singingman.us *.assets.singingman.us *.cevfymta-sts.singingman.us *.dashboard.singingman.us *.demo.singingman.us *.dev.singingman.us *.m.singingman.us *.reporting.singingman.us singingman.us *.singingman.us *.vpn.singingman.us *.webmail.singingman.us *.wildcard.singingman.us *.ww1.singingman.us *.ww25.singingman.us *.ww3.singingman.us *.ww6.singingman.us

*.3882689c-6534-4c4a-b38c-ae7a4f754c9a.uahuldealer.com *.blog.uahuldealer.com *.random.uahuldealer.com uahuldealer.com *.uahuldealer.com *.ww25.uahuldealer.com *.ww38.uahuldealer.com

*.sitemap.ufars.info ufars.info *.ufars.info

waschtrockner-de.com *.waschtrockner-de.com

*.ww38.www-oxtorrent1.com www-oxtorrent1.com *.www-oxtorrent1.com