SSL Certificate Analysis for webdisk.demopla.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=ccisd.bet

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 26, 2026

Valid Until

April 26, 2026 78 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B8:E2:70:12:87:97:5D:CC:9A:DF:3E:FC:80:95:78:08:7F:41:86:E2:09:95:D2:58:81:D3:42:AA:14:11:87:A6

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

demopla.net *.demopla.net *.autodiscover.demopla.net *.cpanel.demopla.net *.cpcalendars.demopla.net *.cpcontacts.demopla.net *.mail.demopla.net *.webdisk.demopla.net *.webmail.demopla.net *.ww38.demopla.net *.www.demopla.net

Other domains in certificate

*.18d3a88d-ac60-4502-8e5b-b0265cdabc74.9x9x3.xyz 9x9x3.xyz *.9x9x3.xyz *.ww25.9x9x3.xyz *.ww38.9x9x3.xyz

agrarinformatik.de *.agrarinformatik.de *.ww25.agrarinformatik.de

alertsfeeds.com *.alertsfeeds.com

beefstew.com *.beefstew.com

*.acidman.bird.to *.al.bird.to *.b-well.bird.to bird.to *.bird.to *.breeze.bird.to *.cg-i.bird.to *.charles.bird.to *.comune.bird.to *.easygoing.bird.to *.edaya.bird.to *.english.bird.to *.firebird.bird.to *.flowers.bird.to *.gekijyou.bird.to *.heart.bird.to *.hokuto.bird.to *.kmaker.bird.to *.maruyaki.bird.to *.ms.bird.to *.net.bird.to *.obscure.bird.to *.okusay.bird.to *.radio-k.bird.to *.see-la.bird.to *.shingo.bird.to *.shio.bird.to *.sky.bird.to *.solarman.bird.to *.tfm.bird.to *.trick.bird.to *.usagi.bird.to *.ushigome.bird.to *.valkyrie.bird.to *.ww38.bird.to

buyingcars.com *.buyingcars.com

ccisd.bet *.ccisd.bet *.students.ccisd.bet *.zbezlq3rro.ccisd.bet

eerieinsurance.com *.eerieinsurance.com

*.komiko.olam.live olam.live *.olam.live

thefitnessclasses.com *.thefitnessclasses.com

*.dashboard.thor.cm thor.cm *.thor.cm *.ww17.thor.cm

*.navigation.tumi123moon.pro *.otc.tumi123moon.pro tumi123moon.pro *.tumi123moon.pro

twqpbctd.xyz *.twqpbctd.xyz

*.amwf.whitegirlasianpenis.com *.cdn.whitegirlasianpenis.com *.deana.whitegirlasianpenis.com *.lolking.whitegirlasianpenis.com *.mail.whitegirlasianpenis.com *.ovh-cdn.whitegirlasianpenis.com *.wgap.whitegirlasianpenis.com whitegirlasianpenis.com *.whitegirlasianpenis.com