SSL Certificate Analysis for hostmaster.karly.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=selotgacorku.biz

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 07, 2026

Valid Until

May 08, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

69:4A:D7:1C:81:44:D6:50:9D:D1:ED:B3:8A:71:73:C7:E5:6F:C1:8F:13:DA:01:1A:F1:D0:6E:3A:FB:80:97:07

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

karly.it *.karly.it *.hostmaster.karly.it

Other domains in certificate

6tt.co *.6tt.co *.l.6tt.co *.tongji.6tt.co *.ww25.6tt.co

aei168subth.com *.aei168subth.com *.kuvplay.aei168subth.com *.webdisk.aei168subth.com

*.admin.bbyname.com *.api.bbyname.com *.app.bbyname.com *.assets.bbyname.com *.autodiscover.bbyname.com bbyname.com *.bbyname.com *.cpanel.bbyname.com *.demo.bbyname.com *.dev.bbyname.com *.hjwxnmail.bbyname.com *.hostmaster.bbyname.com *.htpeeremote.bbyname.com *.mail.bbyname.com *.rds.bbyname.com *.rdweb.bbyname.com *.remote.bbyname.com *.shop.bbyname.com *.sistema.bbyname.com *.staging.bbyname.com *.test.bbyname.com *.webdisk.bbyname.com *.webmail.bbyname.com *.wp.bbyname.com *.www.bbyname.com

belgiumshepard.com *.belgiumshepard.com

*.admin.btcbit.store btcbit.store *.btcbit.store *.otc.btcbit.store *.ww38.btcbit.store

crazyfrogbrothers.xyz *.crazyfrogbrothers.xyz *.d.crazyfrogbrothers.xyz *.www.crazyfrogbrothers.xyz

feluda.org *.feluda.org *.sitemap.feluda.org *.sitemaps.feluda.org *.ww38.feluda.org *.www.feluda.org

guochwlw.sbs *.guochwlw.sbs *.www.guochwlw.sbs

*.a.haslaw.fun haslaw.fun *.haslaw.fun

hdkinohit.net *.hdkinohit.net *.random.hdkinohit.net *.ww16.hdkinohit.net *.ww25.hdkinohit.net *.ww38.hdkinohit.net

lgames.me *.lgames.me

liftlab.org.uk *.liftlab.org.uk

motorclubvehiclemovements.co.uk *.motorclubvehiclemovements.co.uk

*.cpanel.selotgacorku.biz *.cpcontacts.selotgacorku.biz selotgacorku.biz *.selotgacorku.biz *.www.selotgacorku.biz

shieldserver.click *.shieldserver.click *.sitemaps.shieldserver.click *.static.shieldserver.click

snowfoxfranchise.co.uk *.snowfoxfranchise.co.uk

theboostaro.us *.theboostaro.us *.ww38.theboostaro.us

ww19.cc *.ww19.cc *.ww25.ww19.cc