SSL Certificate Analysis for library.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=208197.cc

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 04, 2026

Valid Until

May 05, 2026 67 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DB:D1:6D:FA:18:5A:5A:C1:FA:12:B4:7F:78:84:51:09:E3:CC:30:19:33:78:26:E2:00:7C:79:2E:90:B3:DE:92

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

library.it *.library.it

Other domains in certificate

080863.com *.080863.com

131083.club *.131083.club

208197.cc *.208197.cc

269835.shop *.269835.shop

assegnoscoperto.it *.assegnoscoperto.it

assicurazioneprofessionaleonline.it *.assicurazioneprofessionaleonline.it

atcenter.it *.atcenter.it

authenticfoodpilgrimage.food *.authenticfoodpilgrimage.food

avverso.it *.avverso.it

azure-velvet.info *.azure-velvet.info

baja.it *.baja.it

basicvideo.it *.basicvideo.it

baston.co *.baston.co

bbdh.lol *.bbdh.lol

bikechain.it *.bikechain.it

blackrestaurant.it *.blackrestaurant.it

bleggiosuperiore.it *.bleggiosuperiore.it

blight.it *.blight.it

blktraw272.vip *.blktraw272.vip

blockcard.it *.blockcard.it

blog-lithub.com *.blog-lithub.com

bloggatore.it *.bloggatore.it

boatparty.it *.boatparty.it

bookingchef.it *.bookingchef.it

bookingdirect.it *.bookingdirect.it

bookingfly.it *.bookingfly.it

bqztjz.com *.bqztjz.com

breakdowns.it *.breakdowns.it

brunchfastclub.com *.brunchfastclub.com

leisoleeolie.it *.leisoleeolie.it

leon-zerkalo-hp52.xyz *.leon-zerkalo-hp52.xyz

levelupjobs.site *.levelupjobs.site

likeslot789vip.org *.likeslot789vip.org

linestack.com *.linestack.com

lkhmv.pro *.lkhmv.pro

localizar.it *.localizar.it

loginaccesscontrol.us *.loginaccesscontrol.us

logistiche.it *.logistiche.it

logodesigning.it *.logodesigning.it

logodesigntexas.com *.logodesigntexas.com

logoluminatop.com *.logoluminatop.com

logoprint.it *.logoprint.it

lois.cc *.lois.cc

loven.it *.loven.it