SSL Certificate Analysis for pay.bitikbaaz.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=03202.one

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 18, 2026

Valid Until

September 16, 2026 85 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AB:CA:9A:65:30:53:DC:92:44:36:AF:A5:57:30:3B:FD:97:6A:C7:A5:0C:32:06:90:21:7D:58:CF:E1:55:BE:9B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bitikbaaz.com *.bitikbaaz.com

Other domains in certificate

03202.one *.03202.one

27016.my *.27016.my

5280burritos.org *.5280burritos.org

5517m.com *.5517m.com

58jili.online *.58jili.online

62121.my *.62121.my

64084.loan *.64084.loan

harmonizedfocus.xyz *.harmonizedfocus.xyz

helittetrade.com *.helittetrade.com

herbalx.com *.herbalx.com

hramata.com *.hramata.com

hubdefinedlearning.com *.hubdefinedlearning.com

hunoai.com *.hunoai.com

hyphenproductions.com *.hyphenproductions.com

inrrg.com *.inrrg.com

instantthrivemap.com *.instantthrivemap.com

jili8998.xyz *.jili8998.xyz

juzyxe.xyz *.juzyxe.xyz

kds4198.cc *.kds4198.cc

kkby456.pro *.kkby456.pro

learners.degree *.learners.degree

lesino.shop *.lesino.shop

lonu.org *.lonu.org

lqczk.qpon *.lqczk.qpon

lqydtl.cc *.lqydtl.cc

studeointeractiveplus.com *.studeointeractiveplus.com

teaseconnect.com *.teaseconnect.com

terraaction816.shop *.terraaction816.shop

theagoraagency.com *.theagoraagency.com

theppappointment.cfd *.theppappointment.cfd

thevicfernnhealthcare.com *.thevicfernnhealthcare.com

traintrains.com *.traintrains.com

try-creditkarna.com *.try-creditkarna.com

umrahlastoffers.com *.umrahlastoffers.com

unbelt.net *.unbelt.net

vermogenx.xyz *.vermogenx.xyz

vipwin.ooo *.vipwin.ooo

visionavapro300.net *.visionavapro300.net

xtxtshop.com *.xtxtshop.com

yhakenyatravel.com *.yhakenyatravel.com

yubvy.live *.yubvy.live

zlataprava.com *.zlataprava.com

zmm10.live *.zmm10.live

znqos.gdn *.znqos.gdn