SSL Certificate Analysis for hostmaster.stevan.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=10050.io

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 12, 2026

Valid Until

August 10, 2026 52 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

32:22:32:6C:8E:19:07:CA:04:E5:83:CE:3C:2A:40:8C:63:39:E2:DB:31:04:17:FD:AB:5F:3C:C9:08:87:A3:2B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

stevan.it *.stevan.it *.hostmaster.stevan.it *.imap.stevan.it *.mail.stevan.it *.mx.stevan.it *.rd.stevan.it *.rds.stevan.it *.rdweb.stevan.it *.remote.stevan.it *.webmail.stevan.it

Other domains in certificate

10050.io *.10050.io *.ww25.10050.io

3pagodawin.xyz *.3pagodawin.xyz *.blog.3pagodawin.xyz *.postmaster.3pagodawin.xyz

above.net.nz *.above.net.nz *.ww16.above.net.nz

bitbet.live *.bitbet.live *.mail.bitbet.live

*.api.crhnode.top *.api2.crhnode.top *.com.crhnode.top crhnode.top *.crhnode.top *.zdrowie.crhnode.top

*.app.dylan7.com *.backend.dylan7.com *.dashboard.dylan7.com *.demo.dylan7.com *.dev.dylan7.com dylan7.com *.dylan7.com *.help.dylan7.com *.pc.dylan7.com *.pop.dylan7.com *.portal.dylan7.com *.remote.dylan7.com *.secure.dylan7.com *.store.dylan7.com *.support.dylan7.com *.test.dylan7.com *.update.dylan7.com *.webmail.dylan7.com *.wiki.dylan7.com

*.apps2.edwadjones.com *.auth.edwadjones.com edwadjones.com *.edwadjones.com *.everbridge.edwadjones.com *.gateway.edwadjones.com *.ssl.edwadjones.com *.uat.edwadjones.com *.vdesk.edwadjones.com *.vpn.edwadjones.com *.vpn3.edwadjones.com *.webconnect.edwadjones.com *.ww1.edwadjones.com

*.api.excel.casino excel.casino *.excel.casino *.help.excel.casino

filibusted.net *.filibusted.net *.ww25.filibusted.net

graniteindian.com *.graniteindian.com *.ww16.graniteindian.com

*.email.hostedserver.com.au hostedserver.com.au *.hostedserver.com.au

mcguider.com *.mcguider.com

nackfotos-kostenlos.de *.nackfotos-kostenlos.de *.random.nackfotos-kostenlos.de

recargaclaro.com.br *.recargaclaro.com.br *.whatsapp.recargaclaro.com.br

saj.au *.saj.au *.ww25.saj.au *.ww38.saj.au

*.jxaeha.shineanddeuptail.com shineanddeuptail.com *.shineanddeuptail.com