SSL Certificate Analysis for cryptag.xyz - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=333jjj.xyz

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 17, 2026

Valid Until

August 15, 2026 52 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

35:4B:4F:5F:FF:1C:FB:4A:0B:E7:08:6B:37:A0:FA:F7:56:87:10:83:B7:51:CC:47:5A:FC:E5:6B:A4:6D:51:BB

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

cryptag.xyz *.cryptag.xyz

Other domains in certificate

333jjj.xyz *.333jjj.xyz *.igqlc.333jjj.xyz *.q2s8t.333jjj.xyz

35409.co *.35409.co

479yhg.cc *.479yhg.cc

52v6f.mom *.52v6f.mom

61435.co *.61435.co

6gdoa3qs.com *.6gdoa3qs.com

budine.com *.budine.com

conceptfurnishing.com *.conceptfurnishing.com

epicrealm571.top *.epicrealm571.top

f87u.cyou *.f87u.cyou

freelancesubito.site *.freelancesubito.site

gwwge.cc *.gwwge.cc

jackpotlegends.quest *.jackpotlegends.quest

jxx7577s.cc *.jxx7577s.cc

k36e.cyou *.k36e.cyou

kwertjkjlqweklq321.sbs *.kwertjkjlqweklq321.sbs

lorenzettiprodutosbr.store *.lorenzettiprodutosbr.store

luckyreel.quest *.luckyreel.quest

malho.art *.malho.art

ncjazlkmlbqm.cc *.ncjazlkmlbqm.cc

oringqpl.cfd *.oringqpl.cfd

oriontogel.loan *.oriontogel.loan

oxymapure.com *.oxymapure.com

*.2023.pica2023.top *.bika.pica2023.top pica2023.top *.pica2023.top *.ww17.pica2023.top

*.imap.pictura.studio pictura.studio *.pictura.studio

precisioncareerpath.xyz *.precisioncareerpath.xyz *.q2s8t.precisioncareerpath.xyz

precisionvacation.xyz *.precisionvacation.xyz

psjzlw.com *.psjzlw.com

qifengs.com *.qifengs.com

qwsnwr.cn *.qwsnwr.cn

reelfortune.quest *.reelfortune.quest

retroadventure211.shop *.retroadventure211.shop

s29cn.com *.s29cn.com

servato1.info *.servato1.info

servatoai.info *.servatoai.info

sirammaxwin88.com *.sirammaxwin88.com *.webdisk.sirammaxwin88.com

skeletoncoast.co *.skeletoncoast.co

tamodienynas.lt *.tamodienynas.lt

wwb0.com *.wwb0.com

wwwb083083.cc *.wwwb083083.cc