SSL Certificate Analysis for www.strangefish.art - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=golean.co

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 24, 2026

Valid Until

August 22, 2026 65 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

29:F6:F2:C0:67:08:E2:39:2C:86:92:AE:26:E4:31:84:9F:60:E4:AD:FA:BD:0E:2C:5A:E5:0B:77:1B:F1:24:D8

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

strangefish.art *.strangefish.art *.home.strangefish.art

Other domains in certificate

40img.click *.40img.click *.i.40img.click *.tc.40img.click

77858vv.cc *.77858vv.cc

81999bw.cc *.81999bw.cc

82535.one *.82535.one

87873.pro *.87873.pro

964168.lol *.964168.lol

anecic.com *.anecic.com

c24-app.com *.c24-app.com

cuahangxutiktok2025.com *.cuahangxutiktok2025.com

cyoci8.cyou *.cyoci8.cyou

dbmpn.cn *.dbmpn.cn

*.carlie.display.homes *.dev.display.homes display.homes *.display.homes *.grove.display.homes *.homes.display.homes *.hostmaster.display.homes *.mailer.display.homes *.menangle.display.homes *.portal.display.homes *.public.display.homes *.rochedale.display.homes *.rural.display.homes *.superset.display.homes *.valley.display.homes *.www.display.homes

golean.co *.golean.co *.www.golean.co

inneralign.info *.inneralign.info

kde04w.cyou *.kde04w.cyou

lingeriewear.com *.lingeriewear.com

lls999.cn *.lls999.cn

lna6b4zhie6x.com *.lna6b4zhie6x.com

log-design.com *.log-design.com

melslot.vip *.melslot.vip

outofcuriosity.co.uk *.outofcuriosity.co.uk

qveira.com *.qveira.com

ree3k9comgytc9y.com *.ree3k9comgytc9y.com

*.com.router95b316.com router95b316.com *.router95b316.com *.ww38.router95b316.com

thehealthydancer.com *.thehealthydancer.com

trlah.cc *.trlah.cc

vid080.com *.vid080.com

vk-wall.co *.vk-wall.co *.ww38.vk-wall.co

vvvy.org *.vvvy.org

www201766.com *.www201766.com

xn--cruyffespaa-beb.com *.xn--cruyffespaa-beb.com

ywvyatz.my *.ywvyatz.my

zhonghuashangbiao.com *.zhonghuashangbiao.com