SSL Certificate Analysis for 1948.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=0518.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 03, 2026

Valid Until

May 04, 2026 73 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

41:78:D9:E4:A0:87:DE:17:D0:1D:02:C8:A2:46:CC:CA:C4:FA:C2:CC:EA:68:1B:AD:35:60:16:D5:A4:A5:8C:67

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

1948.it *.1948.it

Other domains in certificate

0518.it *.0518.it

1122f.app *.1122f.app

1290.it *.1290.it

12970.locker *.12970.locker

141595.com *.141595.com

272868.top *.272868.top

32989.academy *.32989.academy

33622.net *.33622.net

47997.loan *.47997.loan

52049.loans *.52049.loans

64212.loan *.64212.loan

mihael.it *.mihael.it

mychicken.it *.mychicken.it

neighboring.it *.neighboring.it

posbanli.net.cn *.posbanli.net.cn

overlake.it *.overlake.it

packinglist.it *.packinglist.it

pinkmore.it *.pinkmore.it

puntofinanziamenti.it *.puntofinanziamenti.it

rdyforms.org *.rdyforms.org

reimo.it *.reimo.it

rematch.it *.rematch.it

rentahummer.it *.rentahummer.it

reproductive.it *.reproductive.it

ro-empire.com *.ro-empire.com

sary.it *.sary.it

sevenstars-hk.com *.sevenstars-hk.com

sixin.it *.sixin.it

smoke-hk.com *.smoke-hk.com

speedy.cc *.speedy.cc

streetculture.it *.streetculture.it

strid.it *.strid.it

strigoi.it *.strigoi.it

tatsu.it *.tatsu.it

thefaceclub.it *.thefaceclub.it

theunityitsoftware.com *.theunityitsoftware.com

travelinspirationpath.live *.travelinspirationpath.live

ttkbet.pro *.ttkbet.pro

twodots.it *.twodots.it

watchmaking.it *.watchmaking.it

wiki188.com *.wiki188.com

ycnpqjc.cyou *.ycnpqjc.cyou

yousing.it *.yousing.it

zestkid.com *.zestkid.com