SSL Certificate Analysis for tink888.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=glowforge.studio

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 17, 2026

Valid Until

May 18, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

40:98:62:31:EB:CB:39:0D:68:2E:19:3C:9C:76:10:D6:F7:60:DB:12:2F:B1:43:67:11:7A:1B:CF:7F:D4:43:9A

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

tink888.com *.tink888.com *.kw2.tink888.com *.tt2.tink888.com *.tt4.tink888.com *.tt5.tink888.com *.www.tink888.com

Other domains in certificate

*.0824.998.co.in *.51998youxizhongxin.998.co.in 998.co.in *.998.co.in *.bi.998.co.in *.fb88.998.co.in *.fnnl1s.998.co.in *.m51998youxizhongxin.998.co.in *.notexists51998youxizhongxinxiazai.998.co.in *.summary.998.co.in *.www.998.co.in

cruisesydneyharbour.com.au *.cruisesydneyharbour.com.au *.hostmaster.cruisesydneyharbour.com.au

*.admin.cynthia2025.com *.api.cynthia2025.com *.app.cynthia2025.com *.clrpdapp.cynthia2025.com cynthia2025.com *.cynthia2025.com *.intranet.cynthia2025.com *.mail.cynthia2025.com *.portal.cynthia2025.com *.rd.cynthia2025.com *.resiyrds.cynthia2025.com *.shop.cynthia2025.com

glowforge.studio *.glowforge.studio

*.eatright.moviebox.fun *.jayzvidz.moviebox.fun moviebox.fun *.moviebox.fun *.sportfood.moviebox.fun *.toplifehacks.moviebox.fun *.topthemes.moviebox.fun *.vegancenter.moviebox.fun *.www.moviebox.fun

myblog.io *.myblog.io *.ss-primary.myblog.io

*.48e9980b-8577-4415-bda8-89ff975f3595.ninepoint.live *.auth.ninepoint.live *.autoconfig.ninepoint.live *.autodiscover.ninepoint.live *.crm.ninepoint.live *.ftp.ninepoint.live *.lime.ninepoint.live ninepoint.live *.ninepoint.live *.w8oy18.ninepoint.live *.ww12.ninepoint.live *.ww2.ninepoint.live *.ww5.ninepoint.live *.www.ninepoint.live

peasantquestion.shop *.peasantquestion.shop *.sitemaps.peasantquestion.shop *.ww25.peasantquestion.shop

*.m.riffchelsea.com riffchelsea.com *.riffchelsea.com

*.email.theradar.it *.phpmyadmin.theradar.it theradar.it *.theradar.it

tryfundingbaycapitalhq.com *.tryfundingbaycapitalhq.com

*.backend.ufa7777com.com *.dev.ufa7777com.com *.ftp.ufa7777com.com ufa7777com.com *.ufa7777com.com *.www.ufa7777com.com

*.smtps.whenthesaints.it whenthesaints.it *.whenthesaints.it

*.4a3a8323-6d0b-4081-b033-0734f119c400.xregulatory.com xregulatory.com *.xregulatory.com

ycwr5o1.cyou *.ycwr5o1.cyou

zk5u16.top *.zk5u16.top