SSL Certificate Analysis for esotrading.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=883730.lol

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 17, 2026

Valid Until

September 15, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A0:26:FF:BE:5F:F0:4F:DD:2E:26:35:DA:5E:30:5E:1C:34:28:B0:F3:F1:DA:47:EE:96:67:2B:F8:78:FF:7B:01

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

esotrading.com *.esotrading.com

Other domains in certificate

055999.cc *.055999.cc

1xbet-u.xyz *.1xbet-u.xyz

62016.my *.62016.my

62034.my *.62034.my

62948.loan *.62948.loan

730623.qpon *.730623.qpon

73962.my *.73962.my

80919.co *.80919.co

86062.gdn *.86062.gdn

883730.lol *.883730.lol

903240.cc *.903240.cc

907861.lol *.907861.lol

908707.lol *.908707.lol

adstrategics.com *.adstrategics.com

aisecurecoaching.org *.aisecurecoaching.org

arsenal-dos-jogos.com *.arsenal-dos-jogos.com

aspenremodel.com *.aspenremodel.com

banahen.com *.banahen.com

blueskyendeavors.com *.blueskyendeavors.com

bookwisemarket.pro *.bookwisemarket.pro

btmarketing.xyz *.btmarketing.xyz

cons-umerhubch.com *.cons-umerhubch.com

nexgenpharmacy.com *.nexgenpharmacy.com

nonkart.com *.nonkart.com

nutoco.com *.nutoco.com

officialgirisix.com *.officialgirisix.com

offlinegigs.com *.offlinegigs.com

ohdes.qpon *.ohdes.qpon

oncallonlinenotary.com *.oncallonlinenotary.com

online-2falogin.com *.online-2falogin.com

ooknmjmimkimim.vip *.ooknmjmimkimim.vip

openbig8.com *.openbig8.com

orientalcard.com *.orientalcard.com

qogara.com *.qogara.com

qwgpj.red *.qwgpj.red

racecardgravebag.com *.racecardgravebag.com

refinehoickgroup.info *.refinehoickgroup.info

rersc.red *.rersc.red

sandgatez.com *.sandgatez.com

spinclub-arena.club *.spinclub-arena.club

spinstorm-portal.club *.spinstorm-portal.club

technibble.xyz *.technibble.xyz

themoon.cloud *.themoon.cloud

theraftperth.com.au *.theraftperth.com.au