SSL Certificate Analysis for random.sfers.org - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=check-tl-ver-116-2.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 22, 2026

Valid Until

August 20, 2026 58 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

E5:12:2B:99:AD:18:53:46:91:32:94:25:73:0F:7E:AF:3B:DF:3F:63:AC:DD:E6:87:37:A9:2B:7D:D4:36:4A:24

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

sfers.org *.sfers.org *.airflow.sfers.org *.cicd.sfers.org *.dev.sfers.org *.my.sfers.org *.owa.sfers.org *.production.sfers.org *.random.sfers.org *.staging.sfers.org *.ww16.sfers.org *.ww25.sfers.org *.ww38.sfers.org

Other domains in certificate

78win1c.com *.78win1c.com *.api.78win1c.com *.assets.78win1c.com *.backup.78win1c.com *.dashboard.78win1c.com *.dev.78win1c.com *.kezbastaging.78win1c.com *.mail.78win1c.com *.mailer.78win1c.com *.marketing.78win1c.com *.members.78win1c.com *.nspeiqfv.78win1c.com *.public.78win1c.com *.qa.78win1c.com *.secure.78win1c.com *.staging.78win1c.com *.stg.78win1c.com *.uat.78win1c.com *.v1.78win1c.com *.v2.78win1c.com *.vfkisbackup.78win1c.com *.vpn.78win1c.com *.web.78win1c.com *.www.78win1c.com

bca-idn.club *.bca-idn.club

*.admin.booksc.com *.android.booksc.com booksc.com *.booksc.com *.el.booksc.com *.game.booksc.com *.kr.booksc.com *.net.booksc.com *.openvpn.booksc.com *.ru.booksc.com *.users.booksc.com *.ww16.booksc.com

centerzaym.site *.centerzaym.site

check-tl-ver-116-2.com *.check-tl-ver-116-2.com

*.chat.dvivienda.com dvivienda.com *.dvivienda.com *.pics.dvivienda.com *.random.dvivienda.com *.store.dvivienda.com *.ww25.dvivienda.com

*.client.glitchcrax.info glitchcrax.info *.glitchcrax.info

hy-2.com *.hy-2.com

inevitable.it *.inevitable.it

jamiltech.com *.jamiltech.com

lauraandertgroup.com *.lauraandertgroup.com

*.ns01.shree.live *.ns2.shree.live shree.live *.shree.live

vwo.com.au *.vwo.com.au

*.random.wzr.de *.th.wzr.de wzr.de *.wzr.de

yourbooks.co.za *.yourbooks.co.za

*.m.youthfuliv.com youthfuliv.com *.youthfuliv.com