SSL Certificate Analysis for api.levignette.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=lotionforthesoul.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 05, 2026

Valid Until

May 06, 2026 70 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

94:11:FE:16:D9:CB:6F:3B:16:FC:46:D9:54:6A:D6:5D:90:E4:F3:10:C0:7E:D1:F4:FE:E0:94:EA:3A:ED:52:2B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

levignette.it *.levignette.it

Other domains in certificate

getelevate3pl.com *.getelevate3pl.com

gingardo.com *.gingardo.com

gleam-horizon.best *.gleam-horizon.best

globalfashionnetwork.live *.globalfashionnetwork.live

gogumatv59.com *.gogumatv59.com

grist.it *.grist.it

gudangrtp.sbs *.gudangrtp.sbs

hot88-rtppasti.baby *.hot88-rtppasti.baby

hotelbedandbreakfast.it *.hotelbedandbreakfast.it

hprotravel.org *.hprotravel.org

hxe7s5i.top *.hxe7s5i.top

icehockeychallenges.com *.icehockeychallenges.com

ie75uc.shop *.ie75uc.shop

ipmfbsx1472.vip *.ipmfbsx1472.vip

ipzwm.top *.ipzwm.top

iuimorix.shop *.iuimorix.shop

jarsred.com *.jarsred.com

jt-jawo.website *.jt-jawo.website

jt1w2zd.top *.jt1w2zd.top

kangbett.org *.kangbett.org

kbijkk.net *.kbijkk.net

kcjnbiph.biz *.kcjnbiph.biz

khfgj.loan *.khfgj.loan

kitchen-renovation-239151757.click *.kitchen-renovation-239151757.click

kliklink-login4d.monster *.kliklink-login4d.monster

kvpvh.sbs *.kvpvh.sbs

kyfkm.co *.kyfkm.co

lalawin.org *.lalawin.org

langellalete.it *.langellalete.it

lapses.it *.lapses.it

lariscihuy-001.sbs *.lariscihuy-001.sbs

leadpagesd.com *.leadpagesd.com

legaltrainingpro.com *.legaltrainingpro.com

likusiomachine.com *.likusiomachine.com

lilsdf.top *.lilsdf.top

llnabaaqeuepostales.com *.llnabaaqeuepostales.com

loading-dock.com *.loading-dock.com

logic-byte.pics *.logic-byte.pics

logicsky.art *.logicsky.art

lotionforthesoul.com *.lotionforthesoul.com

loveclip.it *.loveclip.it

lucabet555.bet *.lucabet555.bet

lumarixmkt.sbs *.lumarixmkt.sbs

lumbryzn.com *.lumbryzn.com