SSL Certificate Analysis for rx-fasty.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=fallonxgray.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

March 30, 2026

Valid Until

June 28, 2026 48 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

E7:B3:1A:F8:70:94:CD:53:7D:00:08:63:41:6A:A5:07:6D:2C:91:72:F1:B6:65:40:A9:8A:C9:D9:BB:B3:66:0E

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

rx-fasty.com *.rx-fasty.com

Other domains in certificate

03e5e275250e810d.com *.03e5e275250e810d.com

0c38a8e852cd334f.com *.0c38a8e852cd334f.com

0cecd8e8653629f8.com *.0cecd8e8653629f8.com

1d116466c1216274.com *.1d116466c1216274.com

1de0bad3b23ff5a3.com *.1de0bad3b23ff5a3.com

237968.top *.237968.top

2df19924613c34b5.com *.2df19924613c34b5.com

2df1b2570cb8a71f.com *.2df1b2570cb8a71f.com

2ec72f17cc0119ac.com *.2ec72f17cc0119ac.com

302919e3564a331a.com *.302919e3564a331a.com

311159f93ccbe5e8.com *.311159f93ccbe5e8.com

319513.vip *.319513.vip

32191.blog *.32191.blog

41347.co *.41347.co

498813.locker *.498813.locker

70377.co *.70377.co

74108.pet *.74108.pet

783925.email *.783925.email

88778.blog *.88778.blog

956866.vip *.956866.vip

a-1trashbinscleaningservice.com *.a-1trashbinscleaningservice.com

a2zglobalenergy.com *.a2zglobalenergy.com

extremecbd.com *.extremecbd.com

exusknqokqsbmkqqt.com *.exusknqokqsbmkqqt.com

fallonxgray.com *.fallonxgray.com

fc917595b6ec0a8e.com *.fc917595b6ec0a8e.com

fekgo.la *.fekgo.la

fk9gi5k.com *.fk9gi5k.com

flyqz.com *.flyqz.com

gardenerclick.com *.gardenerclick.com

getaccrued.com *.getaccrued.com

ghizxms.com *.ghizxms.com

grownfree.org *.grownfree.org

guiademanabi.com *.guiademanabi.com

gvfim.loan *.gvfim.loan

handsmother.com *.handsmother.com

hhsar.wtf *.hhsar.wtf

inkapelis.me *.inkapelis.me

*.kcgznbaj.olimpksct.xyz olimpksct.xyz *.olimpksct.xyz

pasjackpotmaxwin47.xyz *.pasjackpotmaxwin47.xyz

pekingman.cn *.pekingman.cn

qouwx.town *.qouwx.town

ussmullinnix.org *.ussmullinnix.org