Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=howiwinlottery.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 11, 2026
Valid Until
August 09, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
50:74:0F:3C:FE:7F:06:45:60:89:1D:E4:6C:0B:E1:EE:6A:FD:6E:F9:D6:12:F8:B3:20:7D:B5:72:43:36:61:A1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
stat08.com
*.stat08.com
*.wss.stat08.com
06760.my
*.06760.my
22131.one
*.22131.one
22222.qpon
*.22222.qpon
222228.cc
*.222228.cc
35682.blog
*.35682.blog
452659.xyz
*.452659.xyz
4x4slot.biz
*.4x4slot.biz
courseweek.com
*.courseweek.com
dokankom.com
*.dokankom.com
donichfamilylaw.com
*.donichfamilylaw.com
howiwinlottery.com
*.howiwinlottery.com
hqgaw.qpon
*.hqgaw.qpon
*.dm-us.hybrid.im
hybrid.im
*.hybrid.im
*.m.hybrid.im
hyxtk.cn
*.hyxtk.cn
i0ct.top
*.i0ct.top
indo18.co
*.indo18.co
inw99slot.site
*.inw99slot.site
jin168ocean.site
*.jin168ocean.site
kissingmagics.com
*.kissingmagics.com
kmbbb1.com
*.kmbbb1.com
kmbbb12.com
*.kmbbb12.com
kmbbb14.com
*.kmbbb14.com
kmbbb16.com
*.kmbbb16.com
occ88.world
*.occ88.world
*.www.occ88.world
pisangsukhunki.com
*.pisangsukhunki.com
plinko.lol
*.plinko.lol
sindoor.xyz
*.sindoor.xyz
slot789.world
*.slot789.world
*.www.slot789.world
sofortavones.com
*.sofortavones.com
sommelier.in
*.sommelier.in
superruay789.asia
*.superruay789.asia
syltrumane.cfd
*.syltrumane.cfd
t1ps3p2sr.top
*.t1ps3p2sr.top
t5py2y3mw.top
*.t5py2y3mw.top
t6va6d2zm.top
*.t6va6d2zm.top
trusttrailtroopers.xyz
*.trusttrailtroopers.xyz
verityvacations.xyz
*.verityvacations.xyz
xmq76.icu
*.xmq76.icu
*.crsojdvk.xn--168-1klj2o5b.team
*.dev.xn--168-1klj2o5b.team
*.nic32i.xn--168-1klj2o5b.team
*.secure.xn--168-1klj2o5b.team
*.stg.xn--168-1klj2o5b.team
xn--168-1klj2o5b.team
*.xn--168-1klj2o5b.team
Other domains in certificate