SSL Certificate Analysis for db.sefer.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=bebenate.industries

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 04, 2026

Valid Until

July 03, 2026 51 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

57:F5:FB:D6:72:20:11:8D:CF:77:09:7E:80:B3:AE:1B:99:43:74:F6:E6:AD:F2:6E:84:14:C3:5C:68:E6:BD:C3

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

sefer.it *.sefer.it *.ci.sefer.it *.data.sefer.it *.database.sefer.it *.dev.sefer.it *.intelligence.sefer.it *.mail.sefer.it *.notexistsdata.sefer.it *.pma.sefer.it *.preprod.sefer.it *.redash.sefer.it *.reporting.sefer.it *.stats.sefer.it

Other domains in certificate

1026lls301.top *.1026lls301.top *.63f2ff12d73cbba747886d1294e47b70.1026lls301.top *.c4c57867090ebf0035f29780ba1d2890.1026lls301.top

86491.locker *.86491.locker *.cc.86491.locker

*.apps.arabic.center arabic.center *.arabic.center *.bayan.arabic.center *.calligraphy.arabic.center *.qr.arabic.center *.translate.arabic.center

asdfg.town *.asdfg.town

*.865eed0b-72a7-47c2-a5dd-00c010222b82.bebenate.industries *.anyconnect.bebenate.industries *.assets.bebenate.industries bebenate.industries *.bebenate.industries *.dev.bebenate.industries *.hostmaster.bebenate.industries *.landings.bebenate.industries *.loja.bebenate.industries *.membros.bebenate.industries *.seguro.bebenate.industries *.sms.bebenate.industries *.staging.bebenate.industries *.zxqrplandings.bebenate.industries

bethelwholesale.com *.bethelwholesale.com

bra07.com *.bra07.com *.vpn01.bra07.com

cvnx.app *.cvnx.app *.wiki.cvnx.app

emovies-official.site *.emovies-official.site *.www.emovies-official.site

isuzukhonkaen.com *.isuzukhonkaen.com

mopaly.com *.mopaly.com

*.ga.mudstencils.com *.ks.mudstencils.com *.me.mudstencils.com mudstencils.com *.mudstencils.com *.tn.mudstencils.com *.tx.mudstencils.com *.wa.mudstencils.com *.wi.mudstencils.com

*.backup.orfnews.at *.beta.orfnews.at *.blog.orfnews.at *.crm.orfnews.at *.demo.orfnews.at *.ext.orfnews.at *.forum.orfnews.at *.forums.orfnews.at *.help.orfnews.at *.iki.orfnews.at *.new.orfnews.at orfnews.at *.orfnews.at *.oupbhiki.orfnews.at *.sitemaps.orfnews.at *.temp.orfnews.at

seoconsultant667149.icu *.seoconsultant667149.icu

*.random.wohoo.eu wohoo.eu *.wohoo.eu