SSL Certificate Analysis for admin.smartex.cc - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=smplctlab.org

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 08, 2026

Valid Until

April 08, 2026 53 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

63:F2:97:E2:1E:B5:8A:34:BC:4A:14:B2:C2:F8:29:A0:43:49:D5:5D:EC:50:1A:3D:CF:32:97:DA:88:3C:E4:23

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

smartex.cc *.smartex.cc *.admin.smartex.cc *.cms.smartex.cc *.debug.smartex.cc *.live.smartex.cc *.wp.smartex.cc *.www.smartex.cc

Other domains in certificate

anetflix.com *.anetflix.com *.comww1.anetflix.com *.ww38.anetflix.com

coolcloud.cc *.coolcloud.cc

*.cpnet.cyeint.com cyeint.com *.cyeint.com *.doc.cyeint.com *.integration.cyeint.com *.my.cyeint.com *.qa.cyeint.com

fiberopticinstallationincalifornia810284.icu *.fiberopticinstallationincalifornia810284.icu

jgwentword.com *.jgwentword.com

lostfilms.net *.lostfilms.net *.qa.lostfilms.net *.uat.lostfilms.net *.ww38.lostfilms.net

*.helpdesk.mypokemon.com *.jenkins.mypokemon.com mypokemon.com *.mypokemon.com

*.com.nitolsolar.com *.hostmaster.nitolsolar.com nitolsolar.com *.nitolsolar.com *.ns1.nitolsolar.com *.ns2.nitolsolar.com *.owa.nitolsolar.com *.sitemap.nitolsolar.com *.sitemaps.nitolsolar.com *.uk.nitolsolar.com *.www.nitolsolar.com

*.dev.prokerela.com *.greetings.prokerela.com *.hostmaster.prokerela.com *.panel.prokerela.com prokerela.com *.prokerela.com *.staging.prokerela.com *.ww01.prokerela.com *.www.prokerela.com

q-advisersqroup.com *.q-advisersqroup.com *.random.q-advisersqroup.com

*.g22y8.rtp3mpoker1.xyz *.jyikv.rtp3mpoker1.xyz rtp3mpoker1.xyz *.rtp3mpoker1.xyz *.tzygd.rtp3mpoker1.xyz

smplctlab.org *.smplctlab.org *.winningwomencollection.smplctlab.org

*.cpcalendars.stovsugere.com *.cpcontacts.stovsugere.com *.dc-a7f2d72bafd1.stovsugere.com *.rustore.stovsugere.com stovsugere.com *.stovsugere.com *.webmail.stovsugere.com

*.mx7.surgarmomma.com surgarmomma.com *.surgarmomma.com *.ww25.surgarmomma.com

*.com.talent.au talent.au *.talent.au

*.73jz.uv1.com *.a9x.uv1.com *.f.uv1.com *.hdt.uv1.com *.lu.uv1.com *.random.uv1.com *.sva.uv1.com *.t.uv1.com uv1.com *.uv1.com *.ww25.uv1.com