SSL Certificate Analysis for remoteapp.hyaes.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=bozv.com

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 05, 2026

Valid Until

September 03, 2026 81 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

8A:53:44:A9:7C:09:27:60:F8:ED:6A:F5:0B:58:46:BF:69:36:BD:F8:6B:A5:43:F8:68:6E:0F:D1:86:E4:B5:CE

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

hyaes.com *.hyaes.com *.apps.hyaes.com *.beheer.hyaes.com *.ciscovpn.hyaes.com *.client.hyaes.com *.ekb.hyaes.com *.firewall.hyaes.com *.login.hyaes.com *.mobile.hyaes.com *.office.hyaes.com *.rdp.hyaes.com *.rds.hyaes.com *.remoteapp.hyaes.com *.rs.hyaes.com *.sslvpn.hyaes.com *.vpn2.hyaes.com

Other domains in certificate

*.014w8.234678.top *.0u12d.234678.top 234678.top *.234678.top *.5jsd7.234678.top *.89wkp.234678.top *.ayfpk.234678.top *.cg4o5.234678.top *.dwij7.234678.top *.ebwif.234678.top *.hrka1.234678.top *.jxc88.234678.top *.l2aa8.234678.top *.n2pro.234678.top *.nslow.234678.top *.qakt3.234678.top *.rnyzj.234678.top *.xrqcg.234678.top *.z3dl1.234678.top

bozv.com *.bozv.com *.ubb.bozv.com

*.analytics.driving.biz *.api.driving.biz *.bi.driving.biz *.dash.driving.biz *.dashs.driving.biz *.data.driving.biz *.dev.driving.biz *.dev1redash.driving.biz driving.biz *.driving.biz *.preview.driving.biz *.public.driving.biz *.superset.driving.biz *.test.driving.biz *.uat.driving.biz *.web.driving.biz

*.mail.only70s.com only70s.com *.only70s.com

*.14252444.xzsaiya.cn *.2oj.xzsaiya.cn *.49393.xzsaiya.cn *.591954.xzsaiya.cn *.766382.xzsaiya.cn *.8hw.xzsaiya.cn *.8skyjdch.xzsaiya.cn *.96459.xzsaiya.cn *.99.xzsaiya.cn *.bln0.xzsaiya.cn *.bm4hd.xzsaiya.cn *.dxitdrnx.xzsaiya.cn *.fkji.xzsaiya.cn *.gee.xzsaiya.cn *.gyni.xzsaiya.cn *.jpbgr3o.xzsaiya.cn *.m.xzsaiya.cn *.ozzr.xzsaiya.cn *.qmj.xzsaiya.cn *.random.xzsaiya.cn *.sqeoxizr.xzsaiya.cn *.v4q7q2.xzsaiya.cn *.vy.xzsaiya.cn *.www.xzsaiya.cn *.wwww.xzsaiya.cn *.xtzvcttc.xzsaiya.cn xzsaiya.cn *.xzsaiya.cn *.yhpq.xzsaiya.cn *.yl.xzsaiya.cn *.zfwoun.xzsaiya.cn