SSL Certificate Analysis for cloud2.revelpickups.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=qualificato.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 03, 2026

Valid Until

May 04, 2026 86 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

0D:B4:BE:8D:3F:BF:56:8F:2C:B0:B7:D5:0D:A5:E9:70:C7:17:84:75:65:F3:15:29:CB:A5:F5:8D:08:F8:19:D2

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

revelpickups.com *.revelpickups.com

Other domains in certificate

qualificato.it *.qualificato.it

quantumpathway.org *.quantumpathway.org

quash.it *.quash.it

rac.it *.rac.it

raiinternational.it *.raiinternational.it

rare-carat-947227027.click *.rare-carat-947227027.click

redeagle.it *.redeagle.it

rejectedby.it *.rejectedby.it

removers.it *.removers.it

rere.it *.rere.it

revistafuentes.org *.revistafuentes.org

rivistapoker.it *.rivistapoker.it

roboticsfly.com *.roboticsfly.com

roket288s.com *.roket288s.com

romanticcircles.org *.romanticcircles.org

rosai.it *.rosai.it

rwsnp.pro *.rwsnp.pro

saile100.com *.saile100.com

salads.it *.salads.it

sandrale.net *.sandrale.net

santabarbaracarecenter.com *.santabarbaracarecenter.com

scaldapane.it *.scaldapane.it

sconto-piu.it *.sconto-piu.it

scovato.it *.scovato.it

securitystrategies.it *.securitystrategies.it

sell.it *.sell.it

sentimiento.it *.sentimiento.it

shhoy.com *.shhoy.com

simba69alternatif.homes *.simba69alternatif.homes

simba69alternatif.rent *.simba69alternatif.rent

simba69masuk.homes *.simba69masuk.homes

sirtech.net *.sirtech.net

slotcash77.sbs *.slotcash77.sbs

smartinveststrategies.sbs *.smartinveststrategies.sbs

smarttime.top *.smarttime.top

smh80011.cc *.smh80011.cc

smspromozionali.it *.smspromozionali.it

sonomacoast.homes *.sonomacoast.homes

soolee.com *.soolee.com

statend.us *.statend.us

stc-server.me *.stc-server.me

storyforward.it *.storyforward.it

supermotels.com *.supermotels.com

suprashoesneverstop.com *.suprashoesneverstop.com