SSL Certificate Analysis for forecast.bil360.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=08739.my

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 01, 2026

Valid Until

July 30, 2026 56 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3D:37:B3:6B:1F:91:A9:64:56:BE:66:A6:15:F9:11:6F:4E:32:45:53:BA:99:E5:FD:A6:55:A2:02:BB:6A:9E:57

Alternative Names

95 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

95 domains

bil360.com *.bil360.com *.admin.bil360.com *.research.bil360.com *.vc.bil360.com *.ww.bil360.com

Other domains in certificate

08739.my *.08739.my

08750.my *.08750.my

0god.me *.0god.me *.272.0god.me

11484929.top *.11484929.top

12121648.top *.12121648.top

16692.my *.16692.my

34726.my *.34726.my

37315.my *.37315.my

42451.my *.42451.my

55139.my *.55139.my

61473.my *.61473.my

63552.my *.63552.my

67796.my *.67796.my

73880.my *.73880.my

76866986.top *.76866986.top

88433958.top *.88433958.top

96879.my *.96879.my

96880.my *.96880.my

*.admin.alulanews.com alulanews.com *.alulanews.com *.new.alulanews.com

businessplan.info *.businessplan.info *.reports.businessplan.info

*.admin.cryptobetquest.info cryptobetquest.info *.cryptobetquest.info

digitalnomadtravelers.com *.digitalnomadtravelers.com

domainrobin.com *.domainrobin.com

highlandcattlecoffee.com *.highlandcattlecoffee.com

hindumatrimonials.in *.hindumatrimonials.in

hope.cfd *.hope.cfd

ijwpm.one *.ijwpm.one

inanvietnam.com *.inanvietnam.com

lority.com *.lority.com

*.admin.lpsettlement.com lpsettlement.com *.lpsettlement.com

ptilocercus.com *.ptilocercus.com

quaddragonzones.com *.quaddragonzones.com

qurawon.com *.qurawon.com

*.admin.qwikqwot.com qwikqwot.com *.qwikqwot.com

racashinagroup.com *.racashinagroup.com

reefinityglobal.com *.reefinityglobal.com

rentersrebates.com *.rentersrebates.com

samosvit.com *.samosvit.com

sc-technoindustrial.ca *.sc-technoindustrial.ca

shrugdealer.com *.shrugdealer.com

slotv.mom *.slotv.mom