SSL Certificate Analysis for tcountyshopper.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=ventiquattroore.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 13, 2026

Valid Until

May 14, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2F:8D:32:10:22:F6:E5:DB:F3:EA:B1:D7:01:E0:3B:FE:FA:FE:EE:9E:F3:55:AB:50:9C:87:FB:64:07:11:A4:CC

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

tcountyshopper.com *.tcountyshopper.com

Other domains in certificate

*.50.aff005.cool *.7u.aff005.cool aff005.cool *.aff005.cool *.ant.aff005.cool *.cg.aff005.cool *.cowwwdsp.aff005.cool *.desktop.aff005.cool *.didi.aff005.cool *.dsp.aff005.cool *.fans.aff005.cool *.flj.aff005.cool *.gv.aff005.cool *.mv.aff005.cool *.sir.aff005.cool *.ttt.aff005.cool *.yhy.aff005.cool *.zpc.aff005.cool

gamesoccer.it *.gamesoccer.it *.hostmaster.gamesoccer.it

hjb4b5.top *.hjb4b5.top *.ww84.hjb4b5.top

*.hostmaster.infornare.com infornare.com *.infornare.com

loonghk.com *.loonghk.com

marquescontracting.com *.marquescontracting.com *.sitemap.marquescontracting.com

newlesbian.club *.newlesbian.club

ogstartracker.com *.ogstartracker.com

oilinvesttop.com *.oilinvesttop.com

optichar.com *.optichar.com

optimuminsurancesolution.com *.optimuminsurancesolution.com

over-theglobeapi.com *.over-theglobeapi.com

pgjcz.tv *.pgjcz.tv

play-inferno-bazaar.xyz *.play-inferno-bazaar.xyz

posh911.info *.posh911.info

safewav.com *.safewav.com

sapphic.us *.sapphic.us

selfy78.com *.selfy78.com

serv-proz.net *.serv-proz.net

shevaacm.vin *.shevaacm.vin

southernmademobile.com *.southernmademobile.com

spaintell.club *.spaintell.club

supportpayacess.com *.supportpayacess.com

supportpayauto.com *.supportpayauto.com

tardair.com *.tardair.com

techreal.club *.techreal.club

*.staging.termoventilatore.it termoventilatore.it *.termoventilatore.it

ttqtg.gdn *.ttqtg.gdn

*.api.ventiquattroore.it ventiquattroore.it *.ventiquattroore.it

vinack.cc *.vinack.cc

vivastreet.me *.vivastreet.me

vvhole.mba *.vvhole.mba

xlljvi.cc *.xlljvi.cc