SSL Certificate Analysis for netfind.com - Security Grade & TLS Configuration

Open Cached · just now

92/100 SECURITY SCORE

Certificate Information

Subject

C=US, ST=New York, L=New York, O=Yahoo Holdings Inc., CN=www.wow.com

Issuer

C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert SHA2 High Assurance Server CA

Valid From

July 01, 2025

Valid Until

December 24, 2025 42 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

69:1C:87:99:00:01:C3:37:8B:7E:E4:DC:42:81:6D:B8:92:16:81:D3:86:D1:BE:41:3F:92:3B:59:DB:D1:03:09

Alternative Names

97 domains

Security Configuration

TLS Protocols

TLS 1.0 TLS 1.1 TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

Warnings

• TLS 1.1 is deprecated and should be disabled
• TLS 1.0 is deprecated and should be disabled

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31536000

Content-Security-Policy

Basic

frame-ancestors; default-src; img-src; +6 more

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

no-referrer-when-downgrade

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Configured (Restricts certificate issuance)

Current Issuer

Authorized (Matches CAA policy)

Authorized CAs

digicert.com globalsign.com

Incident Reporting

mailto:[email protected]

Recommendations

• Consider using critical flag (flags=128) for stricter CAA enforcement
• Consider adding 'issuewild' records to control wildcard certificate issuance

Subject Alternative Names

97 domains

netfind.com *.netfind.com

Other domains in certificate

24-7.pet uk.24-7.pet www.24-7.pet

247.vacations

uk.5min.com

anyprice.com www.anyprice.com

aolsearch.com *.aolsearch.com

autos.parts www.autos.parts

autos24-7.com www.autos24-7.com

baby.guide www.baby.guide

chowist.com www.chowist.com

citypedia.com www.citypedia.com

couponbear.com www.couponbear.com

diylife.com www.diylife.com

enow.com *.enow.com

fashion.life www.fashion.life

fast.rentals www.fast.rentals

find.furniture www.find.furniture

foodbegood.com www.foodbegood.com

furniture.deals www.furniture.deals

gamer.site www.gamer.site

glamorbank.com www.glamorbank.com

golocal.guru www.golocal.guru

greendaily.com www.greendaily.com

health.zone uk.health.zone www.health.zone

health247.com www.health247.com

homesessive.com www.homesessive.com

housingwatch.com www.housingwatch.com

insurance24-7.com www.insurance24-7.com

intoautos.com *.intoautos.com

job-sift.com www.job-sift.com

know-legal.com www.know-legal.com

learn-247.com www.learn-247.com

localday.com uk.localday.com www.localday.com

luxist.com www.luxist.com

money-a2z.com www.money-a2z.com

netdeals.com www.netdeals.com

pets.world www.pets.world

see-it.live www.see-it.live

shopfone.com www.shopfone.com

sport-king.com www.sport-king.com

tech24.deals www.tech24.deals

tech247.co www.tech247.co

thegifts.co www.thegifts.co

think24-7.com www.think24-7.com

viral.site www.viral.site

when.com *.when.com

wow.com *.wow.com www.wow.com