SSL Certificate Analysis for c44f.shop - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=2j98268.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 25, 2026

Valid Until

August 23, 2026 65 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

CA:7B:27:9E:B1:23:F7:B9:06:EF:E2:35:4D:84:6B:92:89:B0:FE:69:18:AC:15:7D:70:57:79:15:7D:A1:99:40

Alternative Names

91 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

91 domains

c44f.shop *.c44f.shop

Other domains in certificate

03541.vip *.03541.vip

08451.one *.08451.one

246353.lol *.246353.lol

24688.one *.24688.one

26168.cc *.26168.cc

2j98268.com *.2j98268.com

3318585.vip *.3318585.vip

398180.lol *.398180.lol

444378.com *.444378.com

488666.lol *.488666.lol

491616.lol *.491616.lol

543395.lol *.543395.lol

55ziaai.com *.55ziaai.com

65523.my *.65523.my

668714.lol *.668714.lol

89765.my *.89765.my

airportpaking.com *.airportpaking.com

aiywqlgp.sbs *.aiywqlgp.sbs

aquagorge.com *.aquagorge.com

banhq.my *.banhq.my

blisil.onl *.blisil.onl

calenar.com *.calenar.com

capitechbk.com *.capitechbk.com

codxr.com *.codxr.com

coseek.lat *.coseek.lat

cosnin.com *.cosnin.com

covug.sbs *.covug.sbs

cozooom.com *.cozooom.com

crateanndbarrel.com *.crateanndbarrel.com

doordasht.com *.doordasht.com

dpxqnfvyqo.sbs *.dpxqnfvyqo.sbs

gzycup.com *.gzycup.com

heartlegacyhq.com *.heartlegacyhq.com

htostar.com *.htostar.com

innerorigin.info *.innerorigin.info

innerresolve.info *.innerresolve.info

innerspiritguide.info *.innerspiritguide.info

instagsram.com *.instagsram.com

kios62masuk.sbs *.kios62masuk.sbs

knu5.com *.knu5.com

leagueoflegens.com *.leagueoflegens.com

legalizer.onl *.legalizer.onl

*.mail.northestyle.com northestyle.com *.northestyle.com

qralabs.com *.qralabs.com