SSL Certificate Analysis for rdweb.blyzo.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=39kfc.my

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 14, 2026

Valid Until

August 12, 2026 80 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D7:BD:E8:9C:60:C3:3F:22:96:44:4F:2B:41:3F:72:4B:5D:2A:FB:A1:F5:E8:11:2C:0B:BC:C2:F9:3E:ED:98:DE

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

blyzo.com *.blyzo.com

Other domains in certificate

38205.my *.38205.my

38214.my *.38214.my

39kfc.my *.39kfc.my

411269.xyz *.411269.xyz

44765785.top *.44765785.top

490692.gdn *.490692.gdn

4x27.com *.4x27.com

55616.asia *.55616.asia

5p0fsb.top *.5p0fsb.top

5pq.cc *.5pq.cc

5x432s.cyou *.5x432s.cyou

6433214324.cfd *.6433214324.cfd

663629.com *.663629.com

787337.my *.787337.my

799502.com *.799502.com

a62g.icu *.a62g.icu

aiguilledumidi.com *.aiguilledumidi.com

aiqcoded.com *.aiqcoded.com

awheres.com *.awheres.com

careerbridgenetwork.xyz *.careerbridgenetwork.xyz

clientelevate.co *.clientelevate.co

cyy2.co *.cyy2.co

diynetworkhub.live *.diynetworkhub.live

escastellclinica.com *.escastellclinica.com

etk2f5d.top *.etk2f5d.top

figbod.com *.figbod.com

friendshipclub.uk *.friendshipclub.uk

illu.lat *.illu.lat

illu.monster *.illu.monster

ilz.co *.ilz.co

indialfs.click *.indialfs.click

k63d.cc *.k63d.cc

k6435.co *.k6435.co

k79gan.shop *.k79gan.shop

liquidclocks.com *.liquidclocks.com

*.mail.mbadatech.com mbadatech.com *.mbadatech.com

njgkf.qpon *.njgkf.qpon

nk814m.cyou *.nk814m.cyou

ticketmoster.co.uk *.ticketmoster.co.uk

tisketmaster.co.uk *.tisketmaster.co.uk

universityprobe.org *.universityprobe.org

xx7113.cc *.xx7113.cc

zzxe.cc *.zzxe.cc