SSL Certificate Analysis for hostmaster.593.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=exames.de

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 17, 2026

Valid Until

August 15, 2026 71 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

5F:3D:DD:ED:13:58:5C:DB:66:E7:51:E7:F8:85:B2:D0:AF:2B:86:CD:25:B8:F0:3D:F0:70:C9:E8:1F:A1:74:DF

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

593.it *.593.it *.analytic.593.it *.ap.593.it *.api.593.it *.dash.593.it *.dashboard.593.it *.dev.593.it *.e.593.it *.forecast.593.it *.hostmaster.593.it *.intelligence.593.it *.remote.593.it

Other domains in certificate

25690.my *.25690.my

86237.click *.86237.click

867925.blog *.867925.blog

86928.gd *.86928.gd

*.97075ecd-8a7a-48a2-b7fe-48f28b546be8.bbd14.com *.app.bbd14.com bbd14.com *.bbd14.com

cosmochallenge358.info *.cosmochallenge358.info

cryptel.art *.cryptel.art

darkcity.org *.darkcity.org

exames.de *.exames.de

hartfordadvisers-governance.net *.hartfordadvisers-governance.net

hlg7229s.cc *.hlg7229s.cc

*.beta.homelnstead.com *.dev.homelnstead.com *.drupal.homelnstead.com homelnstead.com *.homelnstead.com *.host.homelnstead.com *.sales.homelnstead.com *.secure.homelnstead.com *.shop.homelnstead.com *.start.homelnstead.com *.tv.homelnstead.com *.users.homelnstead.com *.ww16.homelnstead.com *.ww38.homelnstead.com *.www.homelnstead.com

jadwalbola88.loan *.jadwalbola88.loan

losangelesspinners.com *.losangelesspinners.com

modernfinancialplanning.com *.modernfinancialplanning.com

ninjaco.io *.ninjaco.io *.sitemap.ninjaco.io *.ww25.ninjaco.io *.ww38.ninjaco.io

orderfastdragoncarryout.com *.orderfastdragoncarryout.com

projectdiyexpert.xyz *.projectdiyexpert.xyz

t2vr0p.cyou *.t2vr0p.cyou

tykq2e.shop *.tykq2e.shop

vaccum-sealer-br55.sbs *.vaccum-sealer-br55.sbs

wwwtubexxx.com *.wwwtubexxx.com

*.admin.yrwa.org *.api.yrwa.org *.m.yrwa.org *.mail.yrwa.org *.mezhhr.yrwa.org *.o.yrwa.org *.oc774j.yrwa.org *.secure.yrwa.org *.staging.yrwa.org *.test.yrwa.org *.v1.yrwa.org *.vioipmezhhr.yrwa.org *.web.yrwa.org yrwa.org *.yrwa.org