SSL Certificate Analysis for vaccing.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=1688toy.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 19, 2026

Valid Until

August 17, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

66:FE:F4:38:C3:3E:C0:6A:D9:99:17:2F:F0:0F:F8:AF:0C:E3:22:B7:4C:0B:AB:92:EF:21:00:EA:7D:1B:74:79

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

vaccing.com *.vaccing.com

Other domains in certificate

126301.blog *.126301.blog

1688toy.com *.1688toy.com

19844.my *.19844.my

391526.qpon *.391526.qpon

439050.blog *.439050.blog

4p8p.cn *.4p8p.cn

63579.qpon *.63579.qpon

7xo.asia *.7xo.asia

865732.blog *.865732.blog

87685.blog *.87685.blog

bhupalonline.in *.bhupalonline.in

branturnal.com *.branturnal.com

coolpush.com *.coolpush.com

cryptomendes.com *.cryptomendes.com

cxxkg.loan *.cxxkg.loan

daejeonstory.com *.daejeonstory.com

districtclerk.com *.districtclerk.com

dolphindefi.com *.dolphindefi.com

drnucdblaff.cc *.drnucdblaff.cc

elitistjerks.co *.elitistjerks.co

ffyso.loan *.ffyso.loan

flycc03.org.cn *.flycc03.org.cn

g22c.cyou *.g22c.cyou

g38h.cyou *.g38h.cyou

gxyrmjsubzr.cc *.gxyrmjsubzr.cc

hereataws.co *.hereataws.co

homesecurityfirst.com *.homesecurityfirst.com

inditourist.com *.inditourist.com

j3s5wf1sap.top *.j3s5wf1sap.top

juexo.com *.juexo.com

palazzosaniorenzovenezia.co *.palazzosaniorenzovenezia.co

pgcxx.bid *.pgcxx.bid

sendgrid-china.com *.sendgrid-china.com

spawzyluxe1.com *.spawzyluxe1.com

strokeresearch.org *.strokeresearch.org

teamliquigascannondale.com *.teamliquigascannondale.com

texting.tel *.texting.tel

tokmate.co *.tokmate.co

typig.co *.typig.co

usercentricsdesign.co *.usercentricsdesign.co

vivocomgroup.com *.vivocomgroup.com

vlztsb.top *.vlztsb.top

wefollowthesun.singles *.wefollowthesun.singles

werework.com *.werework.com