SSL Certificate Analysis for dev0201.win918.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=xypozin.cfd

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

December 09, 2025

Valid Until

March 09, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D4:9A:B7:C1:72:70:6F:27:2E:CC:B8:C5:58:4F:57:A5:FD:3A:69:AA:09:4D:EE:89:8C:3B:0F:78:FC:13:B5:A7

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

win918.net *.win918.net *.a0326.win918.net *.bet365.win918.net *.bet777.win918.net *.br.win918.net *.csagent.win918.net *.dev.win918.net *.dev0101.win918.net *.dev0201.win918.net *.dev0501.win918.net *.dev0801.win918.net *.dm01.win918.net *.dm04.win918.net *.dmthb.win918.net *.en.win918.net *.home.win918.net *.mm001.win918.net *.oebet.win918.net *.p8.win918.net *.royalclub.win918.net *.th.win918.net *.vn.win918.net *.wangzheking.win918.net *.ww25.win918.net *.z8.win918.net

Other domains in certificate

711fenfa.com *.711fenfa.com

asdadeals.icu *.asdadeals.icu

bedlinen.net.au *.bedlinen.net.au *.ww38.bedlinen.net.au

bobakasaka.online *.bobakasaka.online

byfq4d.cfd *.byfq4d.cfd

*.blog.coastauction.com *.bonus.coastauction.com *.cit.coastauction.com coastauction.com *.coastauction.com *.intern.coastauction.com *.ntp.coastauction.com *.olga.coastauction.com *.pool.coastauction.com *.pop.coastauction.com *.pop2.coastauction.com *.publicapi.coastauction.com *.resources.coastauction.com *.search.coastauction.com *.slave.coastauction.com *.team.coastauction.com *.test3.coastauction.com

elkitdeltdah.online *.elkitdeltdah.online

imtoaken.cc *.imtoaken.cc *.test.imtoaken.cc *.ww25.imtoaken.cc *.ww38.imtoaken.cc *.www.imtoaken.cc

*.api.lijkedin.com *.ar.lijkedin.com *.com.lijkedin.com *.jpqxvkyt.lijkedin.com lijkedin.com *.lijkedin.com *.primary.lijkedin.com *.remote.lijkedin.com *.report.lijkedin.com *.shop.lijkedin.com *.ww1.lijkedin.com *.ww25.lijkedin.com

magnumbet.xyz *.magnumbet.xyz

*.mailbox.mvb.net.au mvb.net.au *.mvb.net.au

no-mad-word.club *.no-mad-word.club

*.cp.resinger.com *.gis.resinger.com resinger.com *.resinger.com *.ufa.resinger.com *.users.resinger.com *.videocdn.resinger.com

xypozin.cfd *.xypozin.cfd