SSL Certificate Analysis for d.kankindle.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=djworld.pro

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 16, 2026

Valid Until

May 17, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

07:27:97:9C:7A:4B:85:14:FF:36:13:BA:92:0B:CA:A2:16:DB:BF:AC:8D:B0:06:0F:B8:CB:2B:34:50:11:3E:9D

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

kankindle.com *.kankindle.com

Other domains in certificate

djworld.pro *.djworld.pro

dsduu.cc *.dsduu.cc

duneshoes.com *.duneshoes.com

ebjnj.forsale *.ebjnj.forsale

esports-888.com *.esports-888.com

esports-bet365.com *.esports-bet365.com

estheticians.net *.estheticians.net

existensis.se *.existensis.se

fabledco.us *.fabledco.us

fsfqhnstz.cn *.fsfqhnstz.cn

galaxyhotelthailand.com *.galaxyhotelthailand.com

gamesomething.com *.gamesomething.com

geniusfiction.org *.geniusfiction.org

getcannabisonline.ca *.getcannabisonline.ca

gldmezy.us *.gldmezy.us

gtopvr.forsale *.gtopvr.forsale

gwbav.gdn *.gwbav.gdn

handymanhamilton.com *.handymanhamilton.com

hightowercare.org *.hightowercare.org

hjsuh.net *.hjsuh.net

hxwij.cc *.hxwij.cc

igdlm.sbs *.igdlm.sbs

iguardservice.com *.iguardservice.com

indestructibletrimmer.co.uk *.indestructibletrimmer.co.uk

isonline.club *.isonline.club

jmqfec.cc *.jmqfec.cc

jslll18677.shop *.jslll18677.shop

kichet.com *.kichet.com

kk2017.cc *.kk2017.cc

kylelafkoff.org *.kylelafkoff.org

labely.io *.labely.io

legendfantasyland.ca *.legendfantasyland.ca

masonrhys.com *.masonrhys.com

mastermindsconsulting.com *.mastermindsconsulting.com

mega38.lol *.mega38.lol

melbet-954797.top *.melbet-954797.top

miklagaardhouse.se *.miklagaardhouse.se

mmdrxc.forsale *.mmdrxc.forsale

movietube.to *.movietube.to

myhealthvet.com *.myhealthvet.com

newdelhy.com *.newdelhy.com

lifescience.org.cn *.lifescience.org.cn

*.development-flow.thelockingcompany.com thelockingcompany.com *.thelockingcompany.com