SSL Certificate Analysis for cloud.bluebird.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=candhautosalesllc.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 23, 2026

Valid Until

August 21, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AA:14:52:61:AA:90:1F:79:30:F7:DC:EC:82:9D:59:26:A1:32:24:E4:A9:9A:6B:57:CE:9A:FD:4D:1D:64:FB:B0

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

bluebird.it *.bluebird.it *.admin.bluebird.it *.app.bluebird.it *.cloud.bluebird.it *.email.bluebird.it *.exchmail.bluebird.it *.hostmaster.bluebird.it *.imap.bluebird.it *.mail3.bluebird.it *.mx001.bluebird.it *.newmail2013.bluebird.it *.outlook.bluebird.it *.pop.bluebird.it *.rdweb.bluebird.it *.remoteaccess.bluebird.it *.reports.bluebird.it

Other domains in certificate

4seasons.space *.4seasons.space *.nguyenthian.4seasons.space *.thuytrang.4seasons.space

*.42fsdf.becompany.org *.49095552.becompany.org *.aq.becompany.org *.asar.becompany.org becompany.org *.becompany.org *.bvxccvs.becompany.org *.dreams.becompany.org *.fidonet.becompany.org *.good.becompany.org *.my.becompany.org *.private.becompany.org *.surfing.becompany.org *.www.becompany.org *.xczvd231axc.becompany.org *.zcvxxc.becompany.org

candhautosalesllc.com *.candhautosalesllc.com *.wildcard.candhautosalesllc.com *.ww25.candhautosalesllc.com

*.a24a3879-30fc-472f-ae0c-a1063b876581.imepita.jp *.api.imepita.jp *.api2.imepita.jp *.cop40.imepita.jp imepita.jp *.imepita.jp *.ngbhz.imepita.jp *.pc.imepita.jp *.pv.imepita.jp *.ww12.imepita.jp *.ww7.imepita.jp

imputhealth.com *.imputhealth.com

*.app.insolvenze.it *.hostmaster.insolvenze.it insolvenze.it *.insolvenze.it

*.com.nelsonoil.com *.corp.nelsonoil.com nelsonoil.com *.nelsonoil.com *.ww16.nelsonoil.com *.ww17.nelsonoil.com *.ww25.nelsonoil.com *.ww38.nelsonoil.com *.www.nelsonoil.com

*.lifecycle.offgice.com *.manage.offgice.com offgice.com *.offgice.com *.portal.offgice.com *.products.offgice.com *.tm-4.offgice.com *.wapi.offgice.com *.ww25.offgice.com

puckprovisionscoffee.com *.puckprovisionscoffee.com *.ww16.puckprovisionscoffee.com *.ww38.puckprovisionscoffee.com

surveyresults.com.au *.surveyresults.com.au

tpcinvest.com *.tpcinvest.com

xn--12c2boax3a6cycf.xyz *.xn--12c2boax3a6cycf.xyz *.z4r76.xn--12c2boax3a6cycf.xyz

*.ww25.xnxix.com xnxix.com *.xnxix.com