SSL Certificate Analysis for loads.it - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=kiw.it

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 03, 2026

Valid Until

May 04, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

7D:86:73:72:E6:08:D9:CE:BA:E9:9B:78:E2:94:67:7C:1F:85:3A:AB:32:96:4F:E5:D4:84:B3:95:5A:3E:9E:F7

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

loads.it *.loads.it

Other domains in certificate

kiw.it *.kiw.it

kolberg.it *.kolberg.it

kotur.it *.kotur.it

kristien.it *.kristien.it

lastoff.it *.lastoff.it

lavocedifirenze.it *.lavocedifirenze.it

leccato.it *.leccato.it

lemond.it *.lemond.it

lewiscircleofproducts.cc *.lewiscircleofproducts.cc

lightmeup.it *.lightmeup.it

linkcenter.it *.linkcenter.it

liteforex.it *.liteforex.it

liveandgo.it *.liveandgo.it

loculo.it *.loculo.it

lordofrings.it *.lordofrings.it

lunchbreak.it *.lunchbreak.it

mahon.it *.mahon.it

makemobile.it *.makemobile.it

manutenzionifotovoltaico.it *.manutenzionifotovoltaico.it

mapofmaldives.com *.mapofmaldives.com

mariet.it *.mariet.it

memni.bid *.memni.bid

miragevelvet.world *.miragevelvet.world

nngt.org *.nngt.org

nobiru.co *.nobiru.co

pbuqf.net *.pbuqf.net

perfectppl.com *.perfectppl.com

pfg3f.cc *.pfg3f.cc

purenailsspa.co.uk *.purenailsspa.co.uk

qwnsd.bid *.qwnsd.bid

rayvsoul.com *.rayvsoul.com

realforce.it *.realforce.it

revisioneveicoli.it *.revisioneveicoli.it

riotechltd.com *.riotechltd.com

riversee.org *.riversee.org

rnb9m.cc *.rnb9m.cc

rozy.it *.rozy.it

sampoli.it *.sampoli.it

siamofuori.it *.siamofuori.it

spalim.com *.spalim.com

speedinthecity.it *.speedinthecity.it

sphacelial.com *.sphacelial.com

spidem.it *.spidem.it

spinnertricks.it *.spinnertricks.it