SSL Certificate Analysis for a.controller.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=freeclassifieds.it

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 24, 2026

Valid Until

August 22, 2026 56 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AA:28:6A:FC:B1:84:FC:BF:16:66:11:FF:9E:54:98:E0:9C:27:B1:00:AA:F0:70:83:75:ED:F4:63:57:06:2B:06

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

controller.it *.controller.it *.a.controller.it *.mx.controller.it

Other domains in certificate

androidpolice.co *.androidpolice.co *.ww38.androidpolice.co *.www.androidpolice.co

curilearn.co *.curilearn.co *.ww25.curilearn.co

dragonarena.games *.dragonarena.games *.mainnet.dragonarena.games *.metadata.dragonarena.games

dunkrunsonyou.com *.dunkrunsonyou.com

dustyattic.au *.dustyattic.au *.wildcard.dustyattic.au *.ww25.dustyattic.au *.ww38.dustyattic.au

evalor.co *.evalor.co

freeclassifieds.it *.freeclassifieds.it

*.foryou.funnelxpress.co *.funlazpro.funnelxpress.co funnelxpress.co *.funnelxpress.co *.review.funnelxpress.co *.superaffiliatesteps.funnelxpress.co

igasfac.com *.igasfac.com *.test.igasfac.com *.wwww.igasfac.com

inveco.co *.inveco.co

minegocio.co *.minegocio.co

mokaku.studio *.mokaku.studio

*.demo.mycareohio.com mycareohio.com *.mycareohio.com *.random.mycareohio.com *.ww16.mycareohio.com *.ww25.mycareohio.com

mygcexperiance.com *.mygcexperiance.com

*.analyze.oneidea.it *.api.oneidea.it *.bi.oneidea.it *.dev.oneidea.it oneidea.it *.oneidea.it *.superset.oneidea.it

*.audistpaul.salesrsvp.com *.backend.salesrsvp.com *.demo.salesrsvp.com *.nissangalesburg.salesrsvp.com salesrsvp.com *.salesrsvp.com

soanstock.com *.soanstock.com *.ww25.soanstock.com *.ww38.soanstock.com

*.a.wp.au *.anatoka.wp.au *.hatmayetuimefkikia.wp.au *.kw.wp.au *.munarudi.wp.au *.nakuletea.wp.au *.natowa.wp.au *.niko.wp.au *.tunalala.wp.au *.tunalipeleka.wp.au *.uko.wp.au *.umefik.wp.au *.umezoea.wp.au *.unaenda.wp.au *.upo.wp.au *.utachukuw.wp.au *.wa.wp.au *.walal.wp.au *.wanakaa.wp.au wp.au *.wp.au

youroptmumhealthcare.com *.youroptmumhealthcare.com