SSL Certificate Analysis for fifearmsbraemar.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=fifearmsbraemar.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 25, 2026

Valid Until

April 25, 2026 71 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FB:BF:FA:6D:02:5D:94:72:87:95:C4:DB:78:C0:D6:58:9E:C4:0C:4F:36:1F:F0:D3:55:1C:4C:DE:79:51:C6:9D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

fifearmsbraemar.com *.fifearmsbraemar.com *.www.fifearmsbraemar.com

Other domains in certificate

3pit.com *.3pit.com *.ww11.3pit.com

basics4mac.com *.basics4mac.com *.sitemap.basics4mac.com

dotconcerts.com *.dotconcerts.com *.hostmaster.dotconcerts.com

gourmetgirl.com.au *.gourmetgirl.com.au *.ww16.gourmetgirl.com.au *.ww38.gourmetgirl.com.au

matademolab.com *.matademolab.com *.sketch.matademolab.com

*.dev.methodscollector.com methodscollector.com *.methodscollector.com *.random.methodscollector.com

michigan.com.au *.michigan.com.au *.random.michigan.com.au

*.m.nanrenvlp.com nanrenvlp.com *.nanrenvlp.com *.random.nanrenvlp.com

outfits.com.au *.outfits.com.au

pragueprincess.cz *.pragueprincess.cz *.ww25.pragueprincess.cz

purposelyawakened.com *.purposelyawakened.com

romeaccommodation.com.au *.romeaccommodation.com.au

sextop01.org *.sextop01.org *.testing.sextop01.org

susunabati-david24.click *.susunabati-david24.click *.www.susunabati-david24.click

thecommunitycenterofabingdon.com *.thecommunitycenterofabingdon.com *.ww38.thecommunitycenterofabingdon.com

*.f.westbrook.club westbrook.club *.westbrook.club

*.random.whatis.com.au whatis.com.au *.whatis.com.au *.ww38.whatis.com.au

*.vr.zennioptiical.com zennioptiical.com *.zennioptiical.com