SSL Certificate Analysis for kreditwizard.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=d0c87bfa696fcc72.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

May 29, 2026

Valid Until

August 27, 2026 66 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C5:A9:59:08:A1:30:78:9F:FC:C7:CE:9D:7C:6E:40:FD:C6:58:9E:66:C3:A9:7F:70:BE:2C:C7:11:13:4F:BA:67

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

kreditwizard.com *.kreditwizard.com

Other domains in certificate

d0c87bfa696fcc72.com *.d0c87bfa696fcc72.com

*.back.drudgereporting.com drudgereporting.com *.drudgereporting.com

elitenesthomespro.com *.elitenesthomespro.com

elitepaladin917.top *.elitepaladin917.top

f9b72b9f582db27c.com *.f9b72b9f582db27c.com

faio.org *.faio.org

formipow.com *.formipow.com

glycerole.com *.glycerole.com

griyawallpaper.com *.griyawallpaper.com

grouphealthcareplan.com *.grouphealthcareplan.com *.m.grouphealthcareplan.com

gymsshark.club *.gymsshark.club

hb1s6x.cyou *.hb1s6x.cyou

hello-salessavvy.com *.hello-salessavvy.com

henbituale.com *.henbituale.com

hewnfdmwiruf5893sfnhwav.top *.hewnfdmwiruf5893sfnhwav.top

holistichick.com *.holistichick.com

horseback.io *.horseback.io

innodiet.com *.innodiet.com

ironman.blog *.ironman.blog *.m.ironman.blog

jccurlcomet.com *.jccurlcomet.com

joinwiners.com *.joinwiners.com

jordansfoundation.org *.jordansfoundation.org *.m.jordansfoundation.org

jyfbike.com *.jyfbike.com

kilowattcards.com *.kilowattcards.com

kjdhvbn1847dmqweuz.top *.kjdhvbn1847dmqweuz.top

krqyrtt288.vip *.krqyrtt288.vip

lacafes.com *.lacafes.com

layeredge.xyz *.layeredge.xyz

liquidtv.net *.liquidtv.net

luxuryline.net *.luxuryline.net

m7ep9w7m.my *.m7ep9w7m.my

magictouchhair.com *.magictouchhair.com

moeentalent.com *.moeentalent.com

nhgsigf.top *.nhgsigf.top

nowtoiconic.info *.nowtoiconic.info

nsiede.com *.nsiede.com

xgslot88pt.org *.xgslot88pt.org

xn--letw15k.com *.xn--letw15k.com

xn--xcrp0o.com *.xn--xcrp0o.com

xx9889.cc *.xx9889.cc

zmh125r.top *.zmh125r.top

zoltlottoau.com *.zoltlottoau.com