SSL Certificate Analysis for ftp.furls.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=aracelisharrelson.click

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 03, 2026

Valid Until

May 04, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

42:E9:66:FD:AB:D2:3B:A5:0B:6C:26:E0:2A:23:86:21:81:73:71:19:C3:7E:37:B2:85:2A:11:81:0B:A1:A2:E8

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

furls.com *.furls.com *.cloudvpn.furls.com *.gate.furls.com *.portal.furls.com *.ravpn.furls.com

Other domains in certificate

aracelisharrelson.click *.aracelisharrelson.click *.wildcard.aracelisharrelson.click

basseda.com *.basseda.com *.cpanel.basseda.com *.security.basseda.com *.webvpn.basseda.com

cv777.vip *.cv777.vip *.wildcard.cv777.vip

*.3nxyc.deepfunds.xyz deepfunds.xyz *.deepfunds.xyz *.s5kjz.deepfunds.xyz *.snx68.deepfunds.xyz *.wsct4.deepfunds.xyz

hitclubf.top *.hitclubf.top *.x7pal.hitclubf.top

insidegossiplane.xyz *.insidegossiplane.xyz *.wsct4.insidegossiplane.xyz *.wslq2.insidegossiplane.xyz

kairustaubu.com *.kairustaubu.com *.ww38.kairustaubu.com

orangegenieedge.com *.orangegenieedge.com *.wildcard.orangegenieedge.com

pradavip.co *.pradavip.co *.wildcard.pradavip.co

*.absorb.rnyeuk.com *.acquire.rnyeuk.com *.adviser.rnyeuk.com *.after.rnyeuk.com *.again.rnyeuk.com *.airport.rnyeuk.com *.angry.rnyeuk.com *.anxiety.rnyeuk.com *.anymore.rnyeuk.com *.arm.rnyeuk.com *.article.rnyeuk.com *.at.rnyeuk.com *.athlete.rnyeuk.com *.attend.rnyeuk.com *.badly.rnyeuk.com *.balance.rnyeuk.com *.bank.rnyeuk.com *.bar.rnyeuk.com *.battery.rnyeuk.com *.bear.rnyeuk.com *.become.rnyeuk.com *.better.rnyeuk.com *.bike.rnyeuk.com *.bite.rnyeuk.com *.block.rnyeuk.com *.bomb.rnyeuk.com *.breath.rnyeuk.com *.brush.rnyeuk.com *.bus.rnyeuk.com *.cast.rnyeuk.com *.hx64z2.rnyeuk.com *.hx65z2.rnyeuk.com *.hx6gz4.rnyeuk.com *.hx6rz1.rnyeuk.com *.hx6rz2.rnyeuk.com *.hx6sz2.rnyeuk.com *.hx6wz1.rnyeuk.com *.hx6xz2.rnyeuk.com *.hx7jz1.rnyeuk.com *.hx7jz3.rnyeuk.com *.hx7kz2.rnyeuk.com *.hx7pz2.rnyeuk.com *.hx7pz4.rnyeuk.com *.hx7tz3.rnyeuk.com *.hx7xz2.rnyeuk.com *.hx7xz5.rnyeuk.com *.random.rnyeuk.com rnyeuk.com *.rnyeuk.com *.wildcard.rnyeuk.com *.ww25.rnyeuk.com