SSL Certificate Analysis for m.bingcart.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=wolfway.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 21, 2026

Valid Until

August 19, 2026 75 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4C:7B:81:9F:44:BB:54:52:8B:D0:75:D1:80:79:60:CB:73:89:88:C0:5A:E6:99:42:81:84:89:2F:7C:98:48:24

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bingcart.com *.bingcart.com *.cpanel.bingcart.com *.cpcontacts.bingcart.com *.data.bingcart.com *.hostmaster.bingcart.com *.m.bingcart.com *.mx.bingcart.com *.webdisk.bingcart.com *.wwww.bingcart.com

Other domains in certificate

*.8wdvwp.aiqheart.com aiqheart.com *.aiqheart.com

akwam.in *.akwam.in *.eg.akwam.in *.goold.akwam.in *.on.akwam.in

aoli.in *.aoli.in *.ex.aoli.in *.mail01.aoli.in *.mail07.aoli.in *.mail09.aoli.in *.mail4.aoli.in *.mailgw.aoli.in *.mailserver.aoli.in *.oldex.aoli.in *.outlook.aoli.in *.sg1.aoli.in *.wildcard.aoli.in

*.32.book-kheloyar.shop book-kheloyar.shop *.book-kheloyar.shop *.ww25.book-kheloyar.shop

*.auth.coindexprofittrades.com coindexprofittrades.com *.coindexprofittrades.com

*.92.drrobertklein.com drrobertklein.com *.drrobertklein.com *.jenkins.drrobertklein.com *.mail.drrobertklein.com *.net.drrobertklein.com

*.babieskits.gadgetswright.com *.cotomoviesapk.gadgetswright.com *.gadgetsright.gadgetswright.com gadgetswright.com *.gadgetswright.com *.grabgrants.gadgetswright.com *.vidmatedownloadl.gadgetswright.com *.vsharedownloadpro.gadgetswright.com

*.3nxyc.realads.top *.4yj7f.realads.top *.8joac.realads.top *.api.realads.top *.app.realads.top *.aqzmk.realads.top *.assets.realads.top *.cg4o5.realads.top *.cuyk.realads.top *.d.realads.top *.demo.realads.top *.dev.realads.top *.ebwif.realads.top *.fdy0p.realads.top *.gpcijz44ag.realads.top *.jyikv.realads.top *.kac0t.realads.top *.kp5po.realads.top *.mp7tf.realads.top *.nemln.realads.top *.osc36.realads.top *.pmuxbtsy.realads.top realads.top *.realads.top *.secure.realads.top *.snx68.realads.top *.vejep3nxyc.realads.top *.wslq2.realads.top *.y6iui.realads.top *.z44ag.realads.top

*.8pnjm9.rtpb138.club rtpb138.club *.rtpb138.club

*.hostmaster.wolfway.com *.m.wolfway.com *.rd.wolfway.com wolfway.com *.wolfway.com