SSL Certificate Analysis for thefounders.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=lespetitesannonces.ch

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 04, 2026

Valid Until

May 05, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AA:F0:96:69:CF:CA:C8:9D:D5:8C:12:4A:E6:BE:BB:0B:86:E0:D8:0B:CC:5F:DA:3F:E9:F8:98:CD:B2:9E:87:A3

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

thefounders.it *.thefounders.it

Other domains in certificate

lespetitesannonces.ch *.lespetitesannonces.ch

letsgetunsexy.com *.letsgetunsexy.com

letspaint.org *.letspaint.org

letterwriting.net *.letterwriting.net

leukemia-us-2618.click *.leukemia-us-2618.click

levelupcareer.site *.levelupcareer.site

levvue.com *.levvue.com

lexus234c.xyz *.lexus234c.xyz

lexxusa.com *.lexxusa.com

lezionepoker.it *.lezionepoker.it

lgo69bet.net *.lgo69bet.net

lgoace135.net *.lgoace135.net

libertariansocialism.org *.libertariansocialism.org

lifecommunity.it *.lifecommunity.it

lingdianli.com *.lingdianli.com

linkvao11bet.casino *.linkvao11bet.casino

lisakembercoach.com *.lisakembercoach.com

ljscm.net *.ljscm.net

lk21official.blog *.lk21official.blog

lkhsp.online *.lkhsp.online

logmyart.com *.logmyart.com

london-executive-970585101.click *.london-executive-970585101.click

loosecannonsclothing.com *.loosecannonsclothing.com

lourcel.com *.lourcel.com

tecnologie-avanzate.com *.tecnologie-avanzate.com

teknolojikriteerr.com *.teknolojikriteerr.com

teologi.it *.teologi.it

terror.it *.terror.it

tggsb.net *.tggsb.net

thailand88s.com *.thailand88s.com

theav250.xyz *.theav250.xyz

theblackrosepub.com *.theblackrosepub.com

thedeeper.it *.thedeeper.it

thedrivewithalan.com *.thedrivewithalan.com

theendofusd.com *.theendofusd.com

thegreenbit.it *.thegreenbit.it

thehack.biz *.thehack.biz

thesaints.it *.thesaints.it

thetrauma.org *.thetrauma.org

thirds.it *.thirds.it

tigerott.com *.tigerott.com

tikilver.com *.tikilver.com

tomcalen.com *.tomcalen.com