SSL Certificate Analysis for admin.konzo.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=net88.tools

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 13, 2026

Valid Until

May 14, 2026 88 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

20:7B:CC:AC:33:8A:EB:B6:2C:23:CE:69:C4:BE:52:BD:59:AA:B4:C9:8F:2B:9D:1D:47:34:6B:8E:E9:D9:99:63

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

konzo.com *.konzo.com *.abc.konzo.com *.access.konzo.com *.admin.konzo.com *.api.konzo.com *.cloud.konzo.com *.dev.konzo.com *.exchange.konzo.com *.gateway.konzo.com *.hostmaster.konzo.com *.m.konzo.com *.mail.konzo.com *.mailgw.konzo.com *.members.konzo.com *.pos.konzo.com *.qa.konzo.com *.rds1.konzo.com *.rdweb.konzo.com *.secure.konzo.com *.staging.konzo.com *.test.konzo.com *.ts.konzo.com *.tz.konzo.com *.vpn.konzo.com *.ww1.konzo.com *.ww16.konzo.com *.ww25.konzo.com *.ww38.konzo.com

Other domains in certificate

688betw.com *.688betw.com *.admin.688betw.com *.api.688betw.com *.aws.688betw.com *.dev.688betw.com *.ftp.688betw.com

*.6y8gt.careermasterguide.xyz careermasterguide.xyz *.careermasterguide.xyz *.civoh.careermasterguide.xyz *.ndifg.careermasterguide.xyz

*.backup.forex4u.com *.beta.forex4u.com *.ciscovpn.forex4u.com forex4u.com *.forex4u.com *.hostmaster.forex4u.com *.random.forex4u.com *.vpn.forex4u.com *.vpn01.forex4u.com *.vpn1.forex4u.com *.vpn2.forex4u.com *.ww38.forex4u.com

*.6y8gt.groupvacationfinders.xyz groupvacationfinders.xyz *.groupvacationfinders.xyz *.qk6fu.groupvacationfinders.xyz

*.api.littlerockphoto.com *.backup.littlerockphoto.com *.blog.littlerockphoto.com *.crm.littlerockphoto.com *.dev.littlerockphoto.com littlerockphoto.com *.littlerockphoto.com *.test.littlerockphoto.com *.ww17.littlerockphoto.com *.ww38.littlerockphoto.com

*.demo.net88.tools net88.tools *.net88.tools

*.imap.topgearairsoft.com topgearairsoft.com *.topgearairsoft.com *.www.topgearairsoft.com

*.api.xemchua.com *.dev.xemchua.com *.host.xemchua.com *.hostmaster.xemchua.com *.mail.xemchua.com *.random.xemchua.com *.test.xemchua.com *.vpn.xemchua.com *.ww1.xemchua.com *.ww17.xemchua.com *.ww25.xemchua.com *.ww38.xemchua.com *.www.xemchua.com xemchua.com *.xemchua.com