SSL Certificate Analysis for oxyforce.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=singleplayer.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 04, 2026

Valid Until

July 03, 2026 42 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

EF:8F:B4:78:B4:F1:27:2E:B2:E5:83:F0:26:7E:C3:6A:FF:27:EA:E7:59:18:14:EC:05:65:22:78:33:13:FF:58

Alternative Names

85 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

85 domains

oxyforce.com *.oxyforce.com *.mail.oxyforce.com *.mx.oxyforce.com

Other domains in certificate

*.4d1ccfa2-c46e-4e52-85e2-90c9811060a9.8link.one 8link.one *.8link.one *.app.8link.one *.external.8link.one *.my.8link.one *.public.8link.one *.wildcard.8link.one

bellanailspa.com *.bellanailspa.com *.blog.bellanailspa.com *.demo.bellanailspa.com *.ww.bellanailspa.com *.ww1.bellanailspa.com *.ww16.bellanailspa.com *.ww25.bellanailspa.com *.ww38.bellanailspa.com *.www.bellanailspa.com

cbdata.com *.cbdata.com *.ildcard.cbdata.com *.my.cbdata.com *.users.cbdata.com

falsad.com *.falsad.com *.ww38.falsad.com

*.admin.itcertifications.it *.backend.itcertifications.it *.bi.itcertifications.it *.demo.itcertifications.it *.flowiseai.itcertifications.it itcertifications.it *.itcertifications.it *.report.itcertifications.it

mykpaln.com *.mykpaln.com *.ns4.mykpaln.com *.staff.mykpaln.com *.ww25.mykpaln.com *.ww38.mykpaln.com

*.admin.neos.fund *.assets.neos.fund *.cczbnmateriais.neos.fund *.demo.neos.fund *.m.neos.fund neos.fund *.neos.fund *.reporting.neos.fund *.search.neos.fund *.staging.neos.fund *.test.neos.fund *.ww3.neos.fund

singleplayer.it *.singleplayer.it

smokingzone.it *.smokingzone.it

*.random.svs100.com svs100.com *.svs100.com *.ww12.svs100.com *.ww25.svs100.com *.ww38.svs100.com

*.api.teablender.com *.hostmaster.teablender.com teablender.com *.teablender.com *.ww11.teablender.com *.ww16.teablender.com *.ww25.teablender.com

*.random.thebarkerypet.com thebarkerypet.com *.thebarkerypet.com *.ww38.thebarkerypet.com

vanneer.com *.vanneer.com *.ww25.vanneer.com

*.ftp.wireless4mb.com *.tw.wireless4mb.com wireless4mb.com *.wireless4mb.com *.ww38.wireless4mb.com