SSL Certificate Analysis for queenalia.ltd - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=commercialkitchen.au

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 17, 2026

Valid Until

August 15, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

63:79:96:45:43:1D:25:82:23:BB:99:5B:2D:C6:BD:6B:B0:A4:C4:21:7C:EF:C8:73:B5:90:26:66:AB:11:C1:D7

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

queenalia.ltd *.queenalia.ltd

Other domains in certificate

27601.my *.27601.my

alipays6.sbs *.alipays6.sbs

cannapurple.com *.cannapurple.com

checkpoint.lol *.checkpoint.lol

clermontcarclub.com *.clermontcarclub.com

coachingcfo.com *.coachingcfo.com

commercialkitchen.au *.commercialkitchen.au

consumer-loans.com *.consumer-loans.com

cu5ik.com *.cu5ik.com

diamondfantasy.top *.diamondfantasy.top

emfilend.com *.emfilend.com

emigrant.name *.emigrant.name

everbliss.art *.everbliss.art

fc2covid.net *.fc2covid.net

figurineonepiece.shop *.figurineonepiece.shop

g51gj.mom *.g51gj.mom

grandexbk.com *.grandexbk.com

kxhome.cn *.kxhome.cn *.t.kxhome.cn

liminal.bot *.liminal.bot

metronic.net.cn *.metronic.net.cn

moldremovalboss.org *.moldremovalboss.org

nhacaiuytin1.com *.nhacaiuytin1.com

nowamplifyorbitpro.xyz *.nowamplifyorbitpro.xyz

np5gf.mom *.np5gf.mom

nvmedisk.com *.nvmedisk.com

outdoorscotland.co.uk *.outdoorscotland.co.uk

pam58.icu *.pam58.icu

pbtj5.mom *.pbtj5.mom

pets-welcome-hotels.com *.pets-welcome-hotels.com

qwudryyliehqgctylvva.com *.qwudryyliehqgctylvva.com

restaurantmarketingbranding.com *.restaurantmarketingbranding.com

reume.io *.reume.io

safetygrit.com *.safetygrit.com

*.remote.sauvolainen.com sauvolainen.com *.sauvolainen.com *.uat.sauvolainen.com

smoothing.com *.smoothing.com

temaricare.com *.temaricare.com

*.backbone.trendsetter405.com *.cat.trendsetter405.com *.e.trendsetter405.com *.med.trendsetter405.com *.preview.trendsetter405.com *.staff.trendsetter405.com *.temp.trendsetter405.com trendsetter405.com *.trendsetter405.com *.ww25.trendsetter405.com *.ww38.trendsetter405.com

zqjdl.qpon *.zqjdl.qpon