SSL Certificate Analysis for chinto.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=dealdelivery.online

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 21, 2026

Valid Until

April 21, 2026 79 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A5:FD:A3:46:FF:C3:FF:5D:15:1B:1E:69:6D:0B:54:65:D2:58:AD:DB:DC:43:A3:83:9F:DA:48:1A:ED:AD:23:30

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

chinto.com *.chinto.com *.ww1.chinto.com *.ww17.chinto.com *.www.chinto.com

Other domains in certificate

bikenorte.com.br *.bikenorte.com.br *.ww38.bikenorte.com.br

cpbus.info *.cpbus.info *.mail.cpbus.info *.ww25.cpbus.info *.www.cpbus.info

dealdelivery.online *.dealdelivery.online

hotpor.com *.hotpor.com

inhalers.com.au *.inhalers.com.au *.random.inhalers.com.au *.ww38.inhalers.com.au

mackeyfi19.sbs *.mackeyfi19.sbs *.ww38.mackeyfi19.sbs

mp3juice3.cc *.mp3juice3.cc *.ww16.mp3juice3.cc *.ww38.mp3juice3.cc *.ww6.mp3juice3.cc

*.2037829062457753611.npwt-medelahealthcare.us *.admin.npwt-medelahealthcare.us *.api.npwt-medelahealthcare.us *.app.npwt-medelahealthcare.us *.assets.npwt-medelahealthcare.us *.demo.npwt-medelahealthcare.us *.dev.npwt-medelahealthcare.us *.m.npwt-medelahealthcare.us npwt-medelahealthcare.us *.npwt-medelahealthcare.us *.test.npwt-medelahealthcare.us *.vpn.npwt-medelahealthcare.us *.webmail.npwt-medelahealthcare.us *.ww25.npwt-medelahealthcare.us

*.app-dev.sexdom.click *.ci.sexdom.click *.preview.sexdom.click sexdom.click *.sexdom.click

sexerotic.cc *.sexerotic.cc

shukbr.co *.shukbr.co *.ww25.shukbr.co

sili.live *.sili.live *.ww25.sili.live

silverheartring.com *.silverheartring.com *.ww25.silverheartring.com

singtaodaily.com *.singtaodaily.com *.ww25.singtaodaily.com

*.bi.slovonevorobey.club slovonevorobey.club *.slovonevorobey.club *.staging.slovonevorobey.club *.ww25.slovonevorobey.club

soos.au *.soos.au *.ww25.soos.au

vata.news *.vata.news *.ww25.vata.news

*.api.werkplaats.com *.cultuur.werkplaats.com *.jobs.werkplaats.com *.mta-sts.werkplaats.com *.search.werkplaats.com werkplaats.com *.werkplaats.com

*.es.xhroot.life *.ge.xhroot.life *.hi.xhroot.life *.ko.xhroot.life *.nl.xhroot.life *.tr.xhroot.life *.vi.xhroot.life xhroot.life *.xhroot.life *.zh.xhroot.life