SSL Certificate Analysis for test.exportimportdocument.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=kusol.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 13, 2026

Valid Until

April 13, 2026 64 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

31:BF:1E:33:B0:3D:E4:75:9B:EF:BD:85:A6:02:94:6F:5F:A2:21:9B:63:C3:A1:EC:35:59:E2:9C:DF:3E:EC:38

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

exportimportdocument.com *.exportimportdocument.com *.demo.exportimportdocument.com

Other domains in certificate

assigns.net *.assigns.net *.ww25.assigns.net

*.cf.compare24.cc compare24.cc *.compare24.cc *.landing.compare24.cc *.www.compare24.cc

hotcomic.io *.hotcomic.io *.ww25.hotcomic.io *.ww38.hotcomic.io

*.admin.kusol.com *.ads.kusol.com *.ai.kusol.com *.alpha.kusol.com *.bi.kusol.com *.chat.kusol.com *.flow.kusol.com *.forum.kusol.com *.fr.kusol.com *.id.kusol.com kusol.com *.kusol.com *.mail.kusol.com *.mobile.kusol.com *.new.kusol.com *.old.kusol.com *.pics.kusol.com *.poczta.kusol.com *.software.kusol.com *.superset.kusol.com *.test.kusol.com *.wildcard.kusol.com *.ww11.kusol.com *.www.kusol.com *.www2.kusol.com

mailonick.xyz *.mailonick.xyz *.ww25.mailonick.xyz

marinagomes.blog *.marinagomes.blog *.ww25.marinagomes.blog *.ww38.marinagomes.blog

markettrading247.com *.markettrading247.com *.www.markettrading247.com

*.cpcalendars.metropolitanministries.org metropolitanministries.org *.metropolitanministries.org *.ww12.metropolitanministries.org

*.27h4h1x31arlrmhqae88hjnhk.mscmsit.xyz *.2me4io04uy7mxktfwznk3bpfo.mscmsit.xyz *.37mtceq31roiudprjzyv0452r.mscmsit.xyz *.3g.mscmsit.xyz *.app.mscmsit.xyz *.autoconfig.mscmsit.xyz *.backend.mscmsit.xyz *.cdn.mscmsit.xyz *.com.mscmsit.xyz *.cpcontacts.mscmsit.xyz *.d.mscmsit.xyz *.data.mscmsit.xyz *.demo.mscmsit.xyz *.imap.mscmsit.xyz *.magento.mscmsit.xyz *.media.mscmsit.xyz mscmsit.xyz *.mscmsit.xyz *.s.mscmsit.xyz *.schedule.mscmsit.xyz *.site.mscmsit.xyz *.superset.mscmsit.xyz *.testing.mscmsit.xyz *.town.mscmsit.xyz *.usps.mscmsit.xyz *.ww17.mscmsit.xyz *.www1.mscmsit.xyz

*.mail.pcirish.org pcirish.org *.pcirish.org *.webmail.pcirish.org *.ww25.pcirish.org

*.random.unsolvedcaseproject.com unsolvedcaseproject.com *.unsolvedcaseproject.com *.ww25.unsolvedcaseproject.com