Open
Cached
·
just now
79/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=33win1.info
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 12, 2026
Valid Until
April 12, 2026
50 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
26:24:1B:E2:AD:39:5B:14:60:1D:04:86:80:B1:21:5A:EA:2D:85:5D:07:9D:D3:DC:C0:94:04:F4:07:69:75:87
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
ebz.au
*.ebz.au
*.ww25.ebz.au
33win1.info
*.33win1.info
*.www.33win1.info
abtinmarket.com
*.abtinmarket.com
*.mail.abtinmarket.com
arene.club
*.arene.club
*.wildcard.arene.club
*.ww.arene.club
boost-settings.com
*.boost-settings.com
*.fb.boost-settings.com
*.me.boost-settings.com
*.ww25.boost-settings.com
boyfriends.tv
*.boyfriends.tv
*.m.boyfriends.tv
*.ww17.boyfriends.tv
*.ww25.boyfriends.tv
buildrsmutual.com
*.buildrsmutual.com
*.nhac.buildrsmutual.com
*.ww25.buildrsmutual.com
bwinbet365y.com
*.bwinbet365y.com
*.ww25.bwinbet365y.com
camel.bio
*.camel.bio
*.random.camel.bio
*.sitemap.camel.bio
*.static-analysis.camel.bio
*.ww25.camel.bio
capitalbets.bet
*.capitalbets.bet
*.ww25.capitalbets.bet
cash4carsnewjersey.com
*.cash4carsnewjersey.com
*.git.cash4carsnewjersey.com
*.gitlab.cash4carsnewjersey.com
*.ww25.cash4carsnewjersey.com
datto.network
*.datto.network
*.pay.datto.network
*.ww25.datto.network
*.adguard1.domain.restaurant
*.backend.domain.restaurant
*.dns1.domain.restaurant
domain.restaurant
*.domain.restaurant
expensen.com
*.expensen.com
*.m.expensen.com
*.ww25.expensen.com
ezwin.life
*.ezwin.life
*.wildcard.ezwin.life
*.www.ezwin.life
felipeph.com
*.felipeph.com
*.felipeph.felipeph.com
*.ww25.felipeph.com
fly3.co
*.fly3.co
*.ww25.fly3.co
*.ww38.fly3.co
*.en.hasgulhukuk.com
hasgulhukuk.com
*.hasgulhukuk.com
hmovies.pro
*.hmovies.pro
*.www.hmovies.pro
inductionbuilder.com.au
*.inductionbuilder.com.au
*.ww38.inductionbuilder.com.au
krbgy.online
*.krbgy.online
*.www.krbgy.online
linkudangan.com
*.linkudangan.com
*.ww25.linkudangan.com
w0525.click
*.w0525.click
*.ww38.w0525.click
*.sitemap.whitestreetbeadcompany.com
whitestreetbeadcompany.com
*.whitestreetbeadcompany.com
Other domains in certificate