SSL Certificate Analysis for usvisscheduling.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=suzywan.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 15, 2026

Valid Until

August 13, 2026 52 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

14:1B:91:61:22:64:23:22:3D:5D:F5:C5:95:4A:94:D7:08:1B:16:B5:94:37:03:4B:CA:74:B9:76:5A:EF:CF:1E

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

usvisscheduling.com *.usvisscheduling.com

Other domains in certificate

africanoiljournal.com *.africanoiljournal.com

candidate.uk *.candidate.uk

cateringbarcelona.com *.cateringbarcelona.com

collegeclicks.com *.collegeclicks.com *.data.collegeclicks.com *.drupal.collegeclicks.com *.pool.collegeclicks.com *.server.collegeclicks.com *.smtp2.collegeclicks.com *.temp.collegeclicks.com

dataanalysis2024-open.space *.dataanalysis2024-open.space *.www.dataanalysis2024-open.space

degreeinsights.net *.degreeinsights.net *.random.degreeinsights.net

eldergivers.org *.eldergivers.org

elessexplo.online *.elessexplo.online *.lekar.elessexplo.online *.pt.elessexplo.online *.ro.elessexplo.online

ggchaeum.com *.ggchaeum.com *.m.ggchaeum.com

goodmamfg.com *.goodmamfg.com *.ww25.goodmamfg.com

*.access.hitech-one.com *.app.hitech-one.com *.en.hitech-one.com *.files.hitech-one.com *.fr.hitech-one.com *.gestion-conges.hitech-one.com hitech-one.com *.hitech-one.com *.modulum.hitech-one.com *.shop.hitech-one.com *.ss2i.hitech-one.com *.wip.hitech-one.com

lal.life *.lal.life

miami.au *.miami.au *.ramas.miami.au

neighborinformation.de *.neighborinformation.de

*.ad.nicecartoon.com nicecartoon.com *.nicecartoon.com

*.comune.otzf.com *.hjn.otzf.com otzf.com *.otzf.com *.quycj.otzf.com *.rwdiq.otzf.com

*.correo.picciolini.it *.ex02.picciolini.it *.imap.picciolini.it *.mx.picciolini.it *.mymail.picciolini.it *.owa.picciolini.it picciolini.it *.picciolini.it *.rdweb.picciolini.it *.smail.picciolini.it *.staging.picciolini.it

prsonapay.com *.prsonapay.com

pueinterest.de *.pueinterest.de

*.38.suzywan.com *.mail.suzywan.com *.shop.suzywan.com suzywan.com *.suzywan.com *.ww25.suzywan.com

tanyaopinhu.com *.tanyaopinhu.com

vdhownafywcbkyd.com *.vdhownafywcbkyd.com *.ww25.vdhownafywcbkyd.com