SSL Certificate Analysis for api.steedtest.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=molome.tw

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

April 28, 2026

Valid Until

July 27, 2026 52 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

97:D3:E3:DE:11:07:2A:48:07:CE:C6:8A:F8:25:52:53:D1:F4:C1:49:8B:B8:DB:0E:5A:E5:93:68:B1:19:94:C8

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

steedtest.com *.steedtest.com *.1d2a3d85-4aa2-4c20-bd2e-d51ecf72403c.steedtest.com *.api.steedtest.com *.hwww.steedtest.com *.mta-sts.steedtest.com *.owa.steedtest.com *.pro.steedtest.com *.twitter.steedtest.com *.ww.steedtest.com

Other domains in certificate

228480.cc *.228480.cc *.cc.228480.cc

37124.org *.37124.org

599kbet.org *.599kbet.org

*.admin.balet.info balet.info *.balet.info *.ww25.balet.info

*.0.beat.works *.app.beat.works beat.works *.beat.works *.deterministic.beat.works *.www70.beat.works

carharttoutlet.store *.carharttoutlet.store *.ww25.carharttoutlet.store *.ww38.carharttoutlet.store

*.60.digihube.com digihube.com *.digihube.com *.promo.digihube.com

ecobikelectric.com *.ecobikelectric.com *.ww25.ecobikelectric.com

financielo.com *.financielo.com *.webdisk.financielo.com *.webmail.financielo.com

fsem.com *.fsem.com

hkartanddesign.com *.hkartanddesign.com *.ww38.hkartanddesign.com

*.admin.howtotranslate.it *.app.howtotranslate.it *.dev.howtotranslate.it *.hostmaster.howtotranslate.it howtotranslate.it *.howtotranslate.it *.random.howtotranslate.it *.smtps.howtotranslate.it

*.afiliados.livre.bet livre.bet *.livre.bet

miluqipai.com *.miluqipai.com

mirroe.co *.mirroe.co *.s1.mirroe.co

*.autoupdate.molome.tw *.cdn.molome.tw *.jg.molome.tw *.js2.molome.tw *.jx3.molome.tw molome.tw *.molome.tw *.remoto.molome.tw *.stage-dk.molome.tw *.update.molome.tw *.updateclient.molome.tw

*.98034informations-update.nethship.com nethship.com *.nethship.com

news-hots.com *.news-hots.com

sdrg6.my *.sdrg6.my

thepiratebay33.co *.thepiratebay33.co *.ww25.thepiratebay33.co *.ww38.thepiratebay33.co

thurstonslobster.com *.thurstonslobster.com *.ww25.thurstonslobster.com

totes.au *.totes.au