SSL Certificate Analysis for krasa.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=mang.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 04, 2026

Valid Until

May 05, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3C:29:9B:B4:E3:4A:9E:0D:A5:74:FA:43:98:42:D5:4F:19:0B:CA:83:A1:B4:61:29:E0:06:E3:3D:38:BE:06:0E

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

krasa.it *.krasa.it

Other domains in certificate

kyoto98best.it.com *.kyoto98best.it.com kyoto98win.it.com *.kyoto98win.it.com

kobonet.top *.kobonet.top *.scdn.kobonet.top

kohtaohotels.com *.kohtaohotels.com

lacasadellabirra.it *.lacasadellabirra.it

lahuri.com *.lahuri.com

landscape-gr-yshkin.click *.landscape-gr-yshkin.click

lavable.it *.lavable.it

leafsivory.com *.leafsivory.com

lesgranges-fr.com *.lesgranges-fr.com

libanese.it *.libanese.it

lifu.one *.lifu.one

liga.cafe *.liga.cafe

listaste.com *.listaste.com

livesportsat.com *.livesportsat.com

localfoodlegends.food *.localfoodlegends.food

lot-tery.com *.lot-tery.com

lottosod168.co *.lottosod168.co

lrpdn.pro *.lrpdn.pro

lunhotyager.com *.lunhotyager.com

lwvteaneck.org *.lwvteaneck.org

lzpl1734.cc *.lzpl1734.cc

madonnamia.it *.madonnamia.it

madroneco.com *.madroneco.com

madweb.co *.madweb.co

mafiawars.it *.mafiawars.it

magaballnet.com *.magaballnet.com

magazine-carthage.com *.magazine-carthage.com

mang.it *.mang.it

marcomarino.design *.marcomarino.design

maripanen889.biz *.maripanen889.biz

masaflorida.org *.masaflorida.org

mascottes.it *.mascottes.it

massetapp.com *.massetapp.com

matchlive.it *.matchlive.it

maxiscooters.it *.maxiscooters.it

mediafytradesb2b.com *.mediafytradesb2b.com

metroxynth.com *.metroxynth.com

meyeradvogados.com *.meyeradvogados.com

mezzapensione.it *.mezzapensione.it

mf10.fo *.mf10.fo

mgbuc0yym.buzz *.mgbuc0yym.buzz

mgckgbn.com *.mgckgbn.com