SSL Certificate Analysis for wkf.us - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=84133.loan

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 05, 2026

Valid Until

May 06, 2026 81 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

9E:6D:5E:9A:1A:6A:A6:26:FC:24:17:DF:8F:8F:2F:C0:F3:D0:28:2A:09:3F:AC:27:33:75:C5:DD:B6:D9:3F:67

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

wkf.us *.wkf.us

Other domains in certificate

820025.vip *.820025.vip

822278a.xyz *.822278a.xyz

84133.loan *.84133.loan

85354.loan *.85354.loan

865852.loan *.865852.loan

872571.loan *.872571.loan

87805.loan *.87805.loan

87887.loan *.87887.loan

88024.loan *.88024.loan

88661.loan *.88661.loan

88690.loan *.88690.loan

88691.loan *.88691.loan

88730.loan *.88730.loan

89069.loan *.89069.loan

89349.loan *.89349.loan

894904.loan *.894904.loan

92wan.xyz *.92wan.xyz

935287.loan *.935287.loan

95669.loan *.95669.loan

weddingsfieldsofgold.beauty *.weddingsfieldsofgold.beauty

weddingsgorgeousevent.beauty *.weddingsgorgeousevent.beauty

welder.one *.welder.one

whiteqwen.com *.whiteqwen.com

www-kk69.net *.www-kk69.net

wwwshoplc.com *.wwwshoplc.com

wyomingfnaws.org *.wyomingfnaws.org

xdxiny.com *.xdxiny.com

xn--2028-od5f5zj1x.com *.xn--2028-od5f5zj1x.com

xn--depilao-2wa9a.com *.xn--depilao-2wa9a.com

xn--ipw88lmq3a.com *.xn--ipw88lmq3a.com

xn--jlqz4f.com *.xn--jlqz4f.com

xn--sopaulo-xwa.net *.xn--sopaulo-xwa.net

xnai313.com *.xnai313.com

xqpyz.top *.xqpyz.top

xtradeflex1-9air.com *.xtradeflex1-9air.com

xvx79.top *.xvx79.top

y47141358.vip *.y47141358.vip

y47881501.vip *.y47881501.vip

y7iqo3.top *.y7iqo3.top

yamjv.pro *.yamjv.pro

yangguang8890666.cn *.yangguang8890666.cn

yuanda37961.com *.yuanda37961.com

yyy966.top *.yyy966.top

zhooshbenefits.business *.zhooshbenefits.business