SSL Certificate Analysis for qa.cryptorevolt.co - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=haozhan.co.uk

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 20, 2026

Valid Until

August 18, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

01:80:20:46:C3:75:8E:EA:FB:3B:0F:60:91:4F:96:13:3E:46:39:DD:3C:CA:BF:70:99:1C:DB:AB:56:75:68:AB

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

cryptorevolt.co *.cryptorevolt.co *.app.cryptorevolt.co *.b582e758-7598-4863-a248-6043ef569e4c.cryptorevolt.co *.backup.cryptorevolt.co *.dashboard.cryptorevolt.co *.dev.cryptorevolt.co *.fteyrcql.cryptorevolt.co *.m.cryptorevolt.co *.mail.cryptorevolt.co *.mailer.cryptorevolt.co *.marketing.cryptorevolt.co *.secure.cryptorevolt.co *.staging.cryptorevolt.co *.uat.cryptorevolt.co *.v1.cryptorevolt.co *.web.cryptorevolt.co

Other domains in certificate

1ea0s1dawd.sbs *.1ea0s1dawd.sbs *.api.1ea0s1dawd.sbs *.app.1ea0s1dawd.sbs *.rustore.1ea0s1dawd.sbs

*.52.5tiktok.com 5tiktok.com *.5tiktok.com *.bire.5tiktok.com *.wildcard.5tiktok.com

955775.com *.955775.com *.directory.955775.com *.email.955775.com *.foto.955775.com *.sip.955775.com *.smtp1.955775.com *.tour.955775.com *.ufa.955775.com *.vc1.955775.com *.webmail.955775.com *.world.955775.com

ahein.co.uk *.ahein.co.uk

backtoschoolessentials.au *.backtoschoolessentials.au

bios-pw.net *.bios-pw.net *.digitalocean.bios-pw.net *.ww25.bios-pw.net

bj95001000.com *.bj95001000.com *.lxqwpishto.bj95001000.com *.m.bj95001000.com *.random.bj95001000.com *.wildcard.bj95001000.com *.www.bj95001000.com *.wwww.bj95001000.com

bowerylegalbd.com *.bowerylegalbd.com

feapsasturias.org *.feapsasturias.org

haozhan.co.uk *.haozhan.co.uk *.ww38.haozhan.co.uk *.www.haozhan.co.uk

manske.de *.manske.de

*.app.mathworld.net *.hostmaster.mathworld.net mathworld.net *.mathworld.net *.myapps.mathworld.net *.owa.mathworld.net *.socios.mathworld.net *.ts.mathworld.net *.tssap.mathworld.net *.www.mathworld.net *.xg.mathworld.net

*.admin.nercedi.com *.blog.nercedi.com nercedi.com *.nercedi.com *.ww17.nercedi.com *.ww25.nercedi.com

shphora.com *.shphora.com *.ww25.shphora.com

towropes.co.uk *.towropes.co.uk

*.ww25.wynn.com.au wynn.com.au *.wynn.com.au