SSL Certificate Analysis for intelligence.inlove.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=easycarinsurancecentral.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 27, 2026

Valid Until

August 25, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2C:69:A3:15:10:A3:26:D9:0C:1E:09:D3:BA:FF:72:5F:A9:01:FB:19:4A:3E:6B:B3:35:49:39:30:41:F4:61:D5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

inlove.it *.inlove.it *.access.inlove.it *.admin.inlove.it *.analytics.inlove.it *.api.inlove.it *.apps.inlove.it *.autoconfig.inlove.it *.desktop.inlove.it *.eposta.inlove.it *.exch2016.inlove.it *.exchmail.inlove.it *.hostmaster.inlove.it *.intelligence.inlove.it *.mail.inlove.it *.mail1.inlove.it *.mywebmail.inlove.it *.newmail2013.inlove.it *.ogrencieposta.inlove.it *.outlook.inlove.it *.owa.inlove.it *.pop3.inlove.it *.rd.inlove.it *.rdweb.inlove.it *.remote.inlove.it *.smtp.inlove.it *.ssl.inlove.it *.sslvpn.inlove.it *.staging.inlove.it *.superset.inlove.it *.vpn.inlove.it *.webmail.inlove.it

Other domains in certificate

59662.work *.59662.work *.api.59662.work *.test.59662.work

agichat.org *.agichat.org *.www.agichat.org

*.api.augmentedcompetition.click augmentedcompetition.click *.augmentedcompetition.click *.staging.augmentedcompetition.click *.test.augmentedcompetition.click

btlibrary.pw *.btlibrary.pw *.hostmaster.btlibrary.pw *.ww12.btlibrary.pw *.ww7.btlibrary.pw *.www.btlibrary.pw

compliance-coach.com *.compliance-coach.com *.connect.compliance-coach.com *.terminal2.compliance-coach.com *.track.compliance-coach.com *.ts.compliance-coach.com *.xrozwzzikegateway.compliance-coach.com

dggaw.com *.dggaw.com *.sitemap.dggaw.com

easycarinsurancecentral.com *.easycarinsurancecentral.com

fastlowrefinancerates.com *.fastlowrefinancerates.com

*.britishredcrossandorderofst.john.red john.red *.john.red

*.api.kikihan.com *.backup.kikihan.com kikihan.com *.kikihan.com

*.api.kkjra.biz kkjra.biz *.kkjra.biz *.marketing.kkjra.biz *.members.kkjra.biz *.rustore.kkjra.biz *.secure.kkjra.biz *.v2.kkjra.biz

*.api.offshoretransport.info *.assets.offshoretransport.info *.dev.offshoretransport.info offshoretransport.info *.offshoretransport.info *.staging.offshoretransport.info *.test.offshoretransport.info

phillipagargano.com *.phillipagargano.com

tootsies.au *.tootsies.au