SSL Certificate Analysis for twsliveb.it.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=121e71567c234787.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 29, 2026

Valid Until

July 28, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

97:1A:88:E1:41:12:30:D2:81:22:FB:89:9E:19:9D:C3:60:A9:68:69:B1:5E:ED:FF:49:89:B3:43:33:B9:A5:4A

Alternative Names

91 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

91 domains

twsliveb.it.com *.twsliveb.it.com

Other domains in certificate

1133yjj301.top *.1133yjj301.top

121e71567c234787.com *.121e71567c234787.com

51128.my *.51128.my

53926.town *.53926.town

61087.one *.61087.one

62413.cc *.62413.cc

62836.mobi *.62836.mobi

83500.one *.83500.one

87514.mobi *.87514.mobi

98909.pro *.98909.pro

a308rpt.top *.a308rpt.top

androidscreenrecorder.com *.androidscreenrecorder.com

arappai.com *.arappai.com

balitourism.in *.balitourism.in

butzensee.de *.butzensee.de *.sitemap.butzensee.de

fermtecgmbh.de *.fermtecgmbh.de

geek.ad *.geek.ad

happy-hirsch.de *.happy-hirsch.de

hemsway.com *.hemsway.com

kokoplaya.it.com *.kokoplaya.it.com

kokoplayvip.it.com *.kokoplayvip.it.com

krynzor.com *.krynzor.com

kxd38.icu *.kxd38.icu

lightwise.info *.lightwise.info

m4max.life *.m4max.life

majorplay.it.com *.majorplay.it.com

migrainetreatment-usa.sbs *.migrainetreatment-usa.sbs

mlyvora.com *.mlyvora.com

nameduo.domains *.nameduo.domains

onecenturioautomation.com *.onecenturioautomation.com

onsite-event-badge-printing3.click *.onsite-event-badge-printing3.click

prostatricum.bio *.prostatricum.bio

proxyindia.com *.proxyindia.com

prynov.com *.prynov.com

purelypioneers.live *.purelypioneers.live

saasivo.info *.saasivo.info

sonitotoe.it.com *.sonitotoe.it.com

top-automation-tools.top *.top-automation-tools.top

useknowledgehub.com *.useknowledgehub.com

usesoftwareboost.com *.usesoftwareboost.com

vipae.horse *.vipae.horse

vlmach.top *.vlmach.top

vrtraveling.com *.vrtraveling.com

wdpmywdp.com *.wdpmywdp.com