SSL Certificate Analysis for golfstrike.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=china-accountant.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 11, 2026

Valid Until

August 09, 2026 64 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4E:17:61:24:66:AA:31:D4:E3:8E:2F:A8:71:52:60:1C:54:D9:8A:3F:DB:66:B5:3C:7B:0D:3E:DA:56:A7:DE:0E

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

golfstrike.net *.golfstrike.net

Other domains in certificate

04220.town *.04220.town

2133596989.cfd *.2133596989.cfd

37552.co *.37552.co

433031.xyz *.433031.xyz

43387.co *.43387.co

43408.mobi *.43408.mobi

454525.co *.454525.co

454548.co *.454548.co

6820769264.cfd *.6820769264.cfd

71993.loan *.71993.loan

96714.one *.96714.one

bdgwin808.com *.bdgwin808.com

boeingrecruiter.com *.boeingrecruiter.com

capvalyx.com *.capvalyx.com

china-accountant.com *.china-accountant.com

chowlicious.com *.chowlicious.com

delta-pulseport.xyz *.delta-pulseport.xyz

*.admin.devdominos.com *.api.devdominos.com *.assets.devdominos.com devdominos.com *.devdominos.com *.mx.devdominos.com *.panel.devdominos.com *.rds.devdominos.com *.vpn.devdominos.com

doctouchstormhq.info *.doctouchstormhq.info

ebookinga.com *.ebookinga.com

extaenergie.de *.extaenergie.de

extendhuman.com *.extendhuman.com

ffzfnub350090525n6x.cfd *.ffzfnub350090525n6x.cfd

fhcqzp.loan *.fhcqzp.loan

freshtouchstormhub.info *.freshtouchstormhub.info

fuelamplifyydiamond.info *.fuelamplifyydiamond.info

godeath.com *.godeath.com

gold-armbanda.today *.gold-armbanda.today

professionalliability.com.au *.professionalliability.com.au

promospark.org *.promospark.org

reachingiconicsellers.co *.reachingiconicsellers.co

*.cloud.reautonomous.com reautonomous.com *.reautonomous.com

rosentattoos.de *.rosentattoos.de

runlevelinbox.co *.runlevelinbox.co

*.remote.tirelessteam.com tirelessteam.com *.tirelessteam.com

trueeaglemanage.co *.trueeaglemanage.co

trueeaglepilot.co *.trueeaglepilot.co

trueeaglesolutions.co *.trueeaglesolutions.co

working-permit.com *.working-permit.com