SSL Certificate Analysis for larva.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=hbs.com.pl

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 27, 2026

Valid Until

July 26, 2026 58 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DE:DB:11:6A:34:FB:6B:F6:05:BD:E3:8C:F1:4F:6F:A8:10:6A:F7:F2:6F:3D:0A:AD:A6:06:1B:AD:E7:3B:BE:AB

Alternative Names

87 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

87 domains

larva.it *.larva.it *.analytic.larva.it *.hostmaster.larva.it *.intelligence.larva.it *.mx.larva.it *.qa.larva.it *.www.larva.it

Other domains in certificate

062670.cc *.062670.cc

123movieflix.xyz *.123movieflix.xyz *.online.123movieflix.xyz

26766.xyz *.26766.xyz

gslkx.auction *.gslkx.auction

*.develop.hbs.com.pl hbs.com.pl *.hbs.com.pl *.hml.hbs.com.pl *.jenkins.hbs.com.pl *.mailhost.hbs.com.pl *.owa.hbs.com.pl *.pop.hbs.com.pl *.pop3.hbs.com.pl *.webmail.hbs.com.pl *.ww25.hbs.com.pl *.ww38.hbs.com.pl

*.hostmaster.intifada.it intifada.it *.intifada.it *.remote.intifada.it

k7026r.top *.k7026r.top

my-slots.com *.my-slots.com

*.client.onogur.com *.extranet.onogur.com *.mail9.onogur.com onogur.com *.onogur.com *.random.onogur.com *.receiver.onogur.com *.secure.onogur.com *.sitemap.onogur.com *.wholesale.onogur.com *.ww38.onogur.com

stackproductivity.com *.stackproductivity.com

startscaleco.com *.startscaleco.com

therapyaq.com *.therapyaq.com

todo.skin *.todo.skin

transfermarkd.com *.transfermarkd.com

wcqsp3.my *.wcqsp3.my

*.dalbotv.wlstampeders.com *.dlmp3.wlstampeders.com *.erpanteve.wlstampeders.com *.nongtontv.wlstampeders.com wlstampeders.com *.wlstampeders.com *.yongmahtv.wlstampeders.com *.youkubetv.wlstampeders.com *.yujemtv.wlstampeders.com

ygrry.one *.ygrry.one

*.a.zure.us *.atp.zure.us *.avd.zure.us *.awvd.zure.us *.catalogapi.zure.us *.enercitya.zure.us *.fcaylwvd.zure.us *.msedgea.zure.us *.myaccount.zure.us *.wbd.zure.us *.web.zure.us *.wvb.zure.us *.wvd.zure.us *.wvda.zure.us zure.us *.zure.us