SSL Certificate Analysis for dev.quantumsound.tech - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=113725.lol

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 16, 2026

Valid Until

August 14, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

70:F4:8A:DA:AF:F1:A9:D1:C3:13:26:48:25:CB:49:EF:BE:06:80:E2:34:53:E0:61:A9:B1:7A:45:2C:55:B0:5F

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

quantumsound.tech *.quantumsound.tech *.aging.quantumsound.tech *.app.quantumsound.tech *.bqbqa.quantumsound.tech *.cure.quantumsound.tech *.dashboard.quantumsound.tech *.dev.quantumsound.tech *.evelzapp.quantumsound.tech *.g.quantumsound.tech *.huvstaging.quantumsound.tech *.itaygnhe.quantumsound.tech *.mail.quantumsound.tech *.nohuvstaging.quantumsound.tech *.qa.quantumsound.tech *.staging.quantumsound.tech *.wohfoaging.quantumsound.tech

Other domains in certificate

113725.lol *.113725.lol *.wird99.113725.lol

*.1846m.as1131-login.cfd *.2194l.as1131-login.cfd *.2l6wm.as1131-login.cfd *.3nxyc.as1131-login.cfd *.4qwa0.as1131-login.cfd *.8r9pg.as1131-login.cfd as1131-login.cfd *.as1131-login.cfd *.cg4o5.as1131-login.cfd *.fz4qv.as1131-login.cfd *.hhforl.as1131-login.cfd *.me7q1.as1131-login.cfd *.niw2v.as1131-login.cfd *.nktjv.as1131-login.cfd *.orrwv.as1131-login.cfd *.q2s8t.as1131-login.cfd *.s5kjz.as1131-login.cfd *.v3ywp.as1131-login.cfd *.vizaseq.as1131-login.cfd *.wakkl.as1131-login.cfd *.wsct4.as1131-login.cfd *.x7pal.as1131-login.cfd *.y9zz2.as1131-login.cfd *.z3dl1.as1131-login.cfd

*.1y6k2.hwzsdsj.cn *.3hl2734.hwzsdsj.cn *.7ja0.hwzsdsj.cn hwzsdsj.cn *.hwzsdsj.cn *.np3.hwzsdsj.cn *.wap.hwzsdsj.cn *.wkvms.hwzsdsj.cn *.zu2o.hwzsdsj.cn

llama4.xyz *.llama4.xyz *.xyz.llama4.xyz

*.5g.qcbxjf.cn *.m.qcbxjf.cn *.nzxrnm.qcbxjf.cn qcbxjf.cn *.qcbxjf.cn *.wap.qcbxjf.cn *.www.qcbxjf.cn

*.h.qris123hello.xyz qris123hello.xyz *.qris123hello.xyz

*.api.sesame.bot *.bot.sesame.bot *.dev.sesame.bot sesame.bot *.sesame.bot *.wn5hyh.sesame.bot

*.m.tokka.org *.mta-sts.tokka.org *.random.tokka.org *.sitemap.tokka.org tokka.org *.tokka.org *.wildcard.tokka.org

*.cloud.xn--4kry06au62b.com *.rd.xn--4kry06au62b.com *.rds.xn--4kry06au62b.com *.rdweb.xn--4kry06au62b.com *.remote.xn--4kry06au62b.com *.wildcard.xn--4kry06au62b.com xn--4kry06au62b.com *.xn--4kry06au62b.com

*.wildcard.xn--lrzz86a.com xn--lrzz86a.com *.xn--lrzz86a.com