SSL Certificate Analysis for api.dongma.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=bitsol.co

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 16, 2026

Valid Until

May 17, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4E:79:28:8E:D8:6E:56:50:5C:CF:E6:E4:37:28:87:7A:59:36:20:0A:6A:47:FC:BF:0B:D7:C6:94:46:3A:45:DC

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

dongma.com *.dongma.com *.api.dongma.com *.comune.dongma.com *.jiangongyunlian.dongma.com *.marathon.dongma.com *.mlbpark.dongma.com *.support.dongma.com *.vpn.dongma.com

Other domains in certificate

bitsol.co *.bitsol.co

*.3ft3le45lygdnoox.blue365dels.com *.admin.blue365dels.com *.autodiscover.blue365dels.com *.blog.blue365dels.com blue365dels.com *.blue365dels.com *.ftp.blue365dels.com *.gateway.blue365dels.com *.hostmaster.blue365dels.com *.mail.blue365dels.com *.postmaster.blue365dels.com *.preview.blue365dels.com *.remote.blue365dels.com *.stage.blue365dels.com *.stats.blue365dels.com *.stg.blue365dels.com *.superset.blue365dels.com *.wap.blue365dels.com *.wp.blue365dels.com *.ww25.blue365dels.com *.ww38.blue365dels.com *.www.blue365dels.com

collegeclaims.com *.collegeclaims.com *.hostmaster.collegeclaims.com *.vpn.collegeclaims.com

decklift.com *.decklift.com *.random.decklift.com *.sitemap.decklift.com *.vpn.decklift.com

evergreencarpets.com *.evergreencarpets.com *.vpn.evergreencarpets.com

*.cesariosanto.exe.com.au *.eiwfjgruioghsehfuiorhsgirkhdxkfh.exe.com.au exe.com.au *.exe.com.au *.freerobux.exe.com.au *.mail.exe.com.au *.nightmare.exe.com.au *.nsw.exe.com.au *.robuxinstaller.exe.com.au *.totallyacat.exe.com.au *.waifu.exe.com.au *.wildcard.exe.com.au

hj25ja2cc1.top *.hj25ja2cc1.top *.ww17.hj25ja2cc1.top

*.email.joracredit.co *.emv1.joracredit.co joracredit.co *.joracredit.co *.www.joracredit.co

*.hostmaster.litica.it litica.it *.litica.it *.remote.litica.it

pleasureu.com *.pleasureu.com *.wildcard.pleasureu.com

*.814d1a52-7864-4b61-964c-7a9e5c8a51ce.simulatedevices.com *.admin.simulatedevices.com *.assets.simulatedevices.com *.demo.simulatedevices.com *.docs.simulatedevices.com *.portal.simulatedevices.com *.rd.simulatedevices.com *.rdweb.simulatedevices.com *.remote.simulatedevices.com *.sharepoint.simulatedevices.com simulatedevices.com *.simulatedevices.com *.www.simulatedevices.com

*.hostmaster.thatwouldhelp.com thatwouldhelp.com *.thatwouldhelp.com *.vpn.thatwouldhelp.com