SSL Certificate Analysis for test.xialiao.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=primetickets.xyz

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 31, 2026

Valid Until

May 01, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

BB:8A:4D:C5:DF:A8:AD:1F:3B:C6:23:43:C7:77:D0:8F:04:EB:4E:A5:F2:DD:00:A3:85:5A:45:45:B9:6A:4C:73

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

xialiao.com *.xialiao.com *.net.xialiao.com

Other domains in certificate

*.ads.africanpornmovies.com africanpornmovies.com *.africanpornmovies.com *.aide.africanpornmovies.com *.creators.africanpornmovies.com *.dashboard.africanpornmovies.com *.ework.africanpornmovies.com *.fans.africanpornmovies.com *.help.africanpornmovies.com *.icloud.africanpornmovies.com *.infos.africanpornmovies.com *.ishare.africanpornmovies.com *.myfans.africanpornmovies.com *.support.africanpornmovies.com *.wish.africanpornmovies.com

alabamabrand.com *.alabamabrand.com *.m.alabamabrand.com *.temp.alabamabrand.com *.www.alabamabrand.com

amgbright.com *.amgbright.com *.rd.amgbright.com

balvar.com *.balvar.com *.remote2.balvar.com

*.admin.casqueantibruit.com *.api.casqueantibruit.com *.app.casqueantibruit.com *.audio.casqueantibruit.com casqueantibruit.com *.casqueantibruit.com *.dev.casqueantibruit.com *.hostmaster.casqueantibruit.com *.m.casqueantibruit.com *.mail.casqueantibruit.com *.members.casqueantibruit.com *.metric.casqueantibruit.com *.novo.casqueantibruit.com *.test.casqueantibruit.com *.www.casqueantibruit.com *.yudfpaudio.casqueantibruit.com

*.admin.chatfaith.com chatfaith.com *.chatfaith.com

*.autoconfig.happywishes101.in happywishes101.in *.happywishes101.in *.phpmyadmin.happywishes101.in

p6paktev.online *.p6paktev.online *.ww1.p6paktev.online *.ww38.p6paktev.online

primetickets.xyz *.primetickets.xyz *.sitemaps.primetickets.xyz *.wildcard.primetickets.xyz

*.ad.shopee.sh *.annuairedunet.shopee.sh *.attmail.shopee.sh *.aufserver4.shopee.sh *.backend.shopee.sh *.bandi2000.shopee.sh *.chatbot.shopee.sh *.clone.shopee.sh *.foms.shopee.sh *.help.shopee.sh *.infra.shopee.sh *.live-test.shopee.sh *.livestream.shopee.sh *.livetech.shopee.sh *.mms.shopee.sh *.ph.shopee.sh *.seller.shopee.sh shopee.sh *.shopee.sh *.spm.shopee.sh *.staging.shopee.sh *.test.shopee.sh *.thirdparties.shopee.sh *.tracking.shopee.sh *.uat.shopee.sh *.vod.shopee.sh *.ww25.shopee.sh

*.cpanel.tramposo.com tramposo.com *.tramposo.com