SSL Certificate Analysis for demo.studioiot.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=3115ff.top

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 03, 2026

Valid Until

September 01, 2026 71 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

A3:E6:75:A4:83:39:C8:80:53:80:6B:74:14:57:56:66:04:7C:72:FF:DF:6D:EE:E0:8E:4C:EF:DE:8E:F0:99:F7

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

studioiot.com *.studioiot.com

Other domains in certificate

3115ff.top *.3115ff.top

31788.my *.31788.my

3318620.vip *.3318620.vip

350-3.cc *.350-3.cc

366749.cc *.366749.cc

37278.vip *.37278.vip

39w6cc.com *.39w6cc.com

3c34.cc *.3c34.cc

3w59.cc *.3w59.cc

63playlist.com *.63playlist.com

8yadd9.cc *.8yadd9.cc

a406clx.top *.a406clx.top

allenteo.com *.allenteo.com

brightpathwayzone.site *.brightpathwayzone.site

d83wmj.top *.d83wmj.top

d94e.cyou *.d94e.cyou

daashlimited.com *.daashlimited.com

data-analyst-se-659y.shop *.data-analyst-se-659y.shop

globiator.com *.globiator.com

hihatalk.io *.hihatalk.io

hourspots.com *.hourspots.com

levsy.my *.levsy.my

maskaffil.com *.maskaffil.com

mishima-ticket.com *.mishima-ticket.com

montazmedias.in *.montazmedias.in

muktsar.in *.muktsar.in

mwuqld.com *.mwuqld.com

myfrnd.site *.myfrnd.site

ndiemaindustries.com *.ndiemaindustries.com

neproots.com *.neproots.com

nicae.my *.nicae.my

nodestreamz.com *.nodestreamz.com

peniaccds.com *.peniaccds.com

phyllosomata.com *.phyllosomata.com

picktire.com *.picktire.com

prolabx.online *.prolabx.online

qph742n.top *.qph742n.top

quanten-x.org *.quanten-x.org

qvply.my *.qvply.my

rayanazmoon.ir *.rayanazmoon.ir

royinnov.com *.royinnov.com

sc33pg.cc *.sc33pg.cc

service-measure.site *.service-measure.site

wobuwo.com *.wobuwo.com