Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=winslot303gold.click
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 13, 2026
Valid Until
May 14, 2026
86 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
68:46:8A:95:CF:C9:7F:7D:EA:C6:E9:8C:2B:7C:CA:94:9E:0F:DC:9B:B1:4F:41:5A:DD:62:1C:24:89:7A:D1:A9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
kousar.com
*.kousar.com
*.api.kousar.com
*.backup.kousar.com
*.crm.kousar.com
*.dev.kousar.com
*.hostmaster.kousar.com
*.login.kousar.com
*.mail.kousar.com
*.sitemaps.kousar.com
*.test.kousar.com
*.vpn.kousar.com
789bet32.com
*.789bet32.com
*.api.789bet32.com
*.backend.789bet32.com
astharghor.com
*.astharghor.com
boletoatualizado.org
*.boletoatualizado.org
*.calendar.boletoatualizado.org
*.checkout.boletoatualizado.org
*.files.boletoatualizado.org
*.gitlab.boletoatualizado.org
*.mail.boletoatualizado.org
*.smtp.boletoatualizado.org
*.www.boletoatualizado.org
concorrencia.com
*.concorrencia.com
*.emv1.concorrencia.com
*.fzpfquykcqp.concorrencia.com
*.m.concorrencia.com
*.mx.concorrencia.com
*.observatorio.concorrencia.com
darla.studio
*.darla.studio
*.sitemap.darla.studio
*.dan.dot.farm
dot.farm
*.dot.farm
*.site.dot.farm
fruzaqlagisttreatment727300.icu
*.fruzaqlagisttreatment727300.icu
*.api.fusionbet.pro
fusionbet.pro
*.fusionbet.pro
*.ww25.fusionbet.pro
*.ww38.fusionbet.pro
*.applemail.khod.com
*.collection.khod.com
*.ff.khod.com
*.hg.khod.com
*.hostmaster.khod.com
khod.com
*.khod.com
*.kvc.khod.com
*.m.khod.com
*.owa.khod.com
*.qxue.khod.com
*.securepop.khod.com
*.sktkb.khod.com
*.t.khod.com
*.uehvgj.khod.com
*.uexom.khod.com
*.vpn.khod.com
*.w.khod.com
*.ww25.khod.com
*.y.khod.com
*.yzu.khod.com
kneepain234142.icu
*.kneepain234142.icu
nevendingwaer.shop
*.nevendingwaer.shop
partyvenuerental711631.icu
*.partyvenuerental711631.icu
speeddome.shop
*.speeddome.shop
*.docs.stenseth.com
stenseth.com
*.stenseth.com
*.users.stenseth.com
*.ww25.stenseth.com
*.ad.vua88hot.live
*.intranet.vua88hot.live
*.store.vua88hot.live
vua88hot.live
*.vua88hot.live
*.sitemaps.winslot303gold.click
winslot303gold.click
*.winslot303gold.click
Other domains in certificate