SSL Certificate Analysis for api.laltra.it - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=coolagri.net

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 04, 2026

Valid Until

May 05, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

86:32:46:8A:0D:32:06:3F:73:01:B0:F7:C5:BB:FF:D0:75:5D:2A:5C:DD:FE:2E:A3:E7:55:D8:99:94:34:ED:B6

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

laltra.it *.laltra.it

Other domains in certificate

coolagri.net *.coolagri.net

credit-card-services-mb7.click *.credit-card-services-mb7.click

daftpunk.it *.daftpunk.it

daget77plust.homes *.daget77plust.homes

detras.it *.detras.it

e5474690.vip *.e5474690.vip

earthlytravelwonders.live *.earthlytravelwonders.live

efkefg.cc *.efkefg.cc

entertainmentnews.it *.entertainmentnews.it

entourages.it *.entourages.it

enzino.it *.enzino.it

firegame.it *.firegame.it

fk25rto.cyou *.fk25rto.cyou

futurecrafthub.com *.futurecrafthub.com

gamedoithuongnet88.me *.gamedoithuongnet88.me

getrich-58x9cbu.sbs *.getrich-58x9cbu.sbs

getvantasoftcrew.com *.getvantasoftcrew.com

gfmnyo.biz *.gfmnyo.biz

goodpeople.it *.goodpeople.it

gp3.it *.gp3.it

hairperfumes.com *.hairperfumes.com

ictskilling.com *.ictskilling.com

ideaeventi.it *.ideaeventi.it

itgreen.it *.itgreen.it

jabulgorba.com *.jabulgorba.com

kozafe-yekuru.sbs *.kozafe-yekuru.sbs

kukalena.top *.kukalena.top

labyrinthhunters.com *.labyrinthhunters.com

landingjobs.it *.landingjobs.it

lastminuteresort.it *.lastminuteresort.it

lbpa.cn *.lbpa.cn

magicexplorer462.shop *.magicexplorer462.shop

medicalrehabilitation.it *.medicalrehabilitation.it

memeexchange.org *.memeexchange.org

mnn8fx.top *.mnn8fx.top

munz.it *.munz.it

mytexasmedia.com *.mytexasmedia.com

nard.it *.nard.it

nhacailucky88.support *.nhacailucky88.support

nhzglgof.com *.nhzglgof.com

onceagain.it *.onceagain.it

onthemarket.it *.onthemarket.it

pastidapatduitjp.buzz *.pastidapatduitjp.buzz

play-crown-outpost.xyz *.play-crown-outpost.xyz