SSL Certificate Analysis for qa.old.services - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=dailytoday.tech

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 05, 2026

Valid Until

May 06, 2026 73 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

82:00:F4:77:D4:28:F2:66:8F:4A:3D:A3:F6:05:FA:FD:13:43:69:4F:80:F7:90:A6:B6:F1:66:1E:7B:66:68:11

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

old.services *.old.services *.d.old.services *.immoh.old.services *.qa.old.services

Other domains in certificate

*.0psrb.881702.cc *.1iblc.881702.cc 881702.cc *.881702.cc *.amgvg.881702.cc *.cepnh.881702.cc *.dtaci.881702.cc *.dwg.881702.cc *.dz.881702.cc *.fs9j9.881702.cc *.gins9.881702.cc *.harm0.881702.cc *.ijtgmo.881702.cc *.iw314.881702.cc *.m.881702.cc *.nlsnyq4ac7.881702.cc *.of1a2.881702.cc *.oudib.881702.cc *.q4ac7.881702.cc *.t1gff.881702.cc *.uuioeamgvg.881702.cc *.vkuek.881702.cc *.vzza5.881702.cc *.wt7za.881702.cc *.ww38.881702.cc *.zumst.881702.cc

anthems.co.uk *.anthems.co.uk *.hostmaster.anthems.co.uk

*.app.broadus.com broadus.com *.broadus.com *.emv1.broadus.com *.owa.broadus.com *.remote.broadus.com *.ww11.broadus.com *.ww16.broadus.com

dailytoday.tech *.dailytoday.tech *.random.dailytoday.tech *.ww25.dailytoday.tech

*.adblock.djdiddywah.com djdiddywah.com *.djdiddywah.com

*.api.drushel.com *.auth.drushel.com *.authsmtp.drushel.com *.client.drushel.com *.connectvpn.drushel.com drushel.com *.drushel.com *.help.drushel.com *.imap2.drushel.com *.pmkyzwebconnect.drushel.com *.remoteaccess.drushel.com *.smtp.drushel.com *.smtps.drushel.com *.snzzuapi.drushel.com *.vpn.drushel.com *.vpn1.drushel.com *.vpn2.drushel.com

myvisagiftcard.com *.myvisagiftcard.com *.sandbox.myvisagiftcard.com *.ww25.myvisagiftcard.com

pastibejo88.xyz *.pastibejo88.xyz *.ww38.pastibejo88.xyz

qq777sport.click *.qq777sport.click

sellyourrentalhouseforcash.com *.sellyourrentalhouseforcash.com *.ww25.sellyourrentalhouseforcash.com

*.ag.tai888.net *.akamai-apigateway-stg-einvoicing.tai888.net *.mg.tai888.net *.mg1.tai888.net *.sitemap.tai888.net tai888.net *.tai888.net *.ww12.tai888.net *.ww7.tai888.net *.www.tai888.net *.www1.tai888.net *.xg.tai888.net