SSL Certificate Analysis for sweetcollection.it - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=stoot.it

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 04, 2026

Valid Until

May 05, 2026 77 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FB:90:26:E7:BF:E8:1C:A1:38:7F:67:89:7C:54:D6:68:F5:31:7D:6B:5C:48:44:A7:D7:07:40:57:40:5C:8B:87

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

sweetcollection.it *.sweetcollection.it

Other domains in certificate

stoot.it *.stoot.it

submitaihub.com *.submitaihub.com

suicidal-bliss.org *.suicidal-bliss.org

switchin.it *.switchin.it

tagliecomodedonna.it *.tagliecomodedonna.it

tastethatfeeling.com *.tastethatfeeling.com

techdealtoday.com *.techdealtoday.com

telepathchain.com *.telepathchain.com

telescopica.it *.telescopica.it

temu.website *.temu.website

testsite.it *.testsite.it

thaiboxing.it *.thaiboxing.it

thebestofyou.it *.thebestofyou.it

thecamper.it *.thecamper.it

thegoldphishgroup.com *.thegoldphishgroup.com

thegroove.it *.thegroove.it

themusicstore.it *.themusicstore.it

thepetstore.co *.thepetstore.co

theshop.it *.theshop.it

theshowup.it *.theshowup.it

thetopertempshq.com *.thetopertempshq.com

theworldiwant.it *.theworldiwant.it

thezone.it *.thezone.it

think-paint.com *.think-paint.com

tianjunfz.cn *.tianjunfz.cn

tiket138.org *.tiket138.org

tiko.it *.tiko.it

timelessframephotography.live *.timelessframephotography.live

timelytides.click *.timelytides.click

timesensitive.it *.timesensitive.it

timeshopping.it *.timeshopping.it

timh.it *.timh.it

timid.it *.timid.it

timur99hash.com *.timur99hash.com

tinea.it *.tinea.it

tinylighter.com *.tinylighter.com

tipietipe.it *.tipietipe.it

tipping.it *.tipping.it

titten-cams.net *.titten-cams.net

tmdomains.com *.tmdomains.com

topmangatomes.one *.topmangatomes.one

torrentwhy157.xyz *.torrentwhy157.xyz

toscan.it *.toscan.it

tothem.it *.tothem.it