Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=04572.my
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 25, 2026
Valid Until
August 23, 2026
66 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D6:F5:A0:FA:75:B7:92:6D:57:56:82:48:51:83:98:FB:BE:38:0A:BC:3E:40:A9:E7:57:98:1A:25:40:36:10:50
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
04572.my
*.04572.my
198756.co
*.198756.co
250996.lol
*.250996.lol
256658.lol
*.256658.lol
319240.lol
*.319240.lol
364749.lol
*.364749.lol
6076434.cc
*.6076434.cc
636802.one
*.636802.one
636803.loan
*.636803.loan
822567.lol
*.822567.lol
997766jj.cc
*.997766jj.cc
9gt9y.xyz
*.9gt9y.xyz
acjoh.cc
*.acjoh.cc
afiyjxqzrp.sbs
*.afiyjxqzrp.sbs
cactusiot.net
*.cactusiot.net
commenvo.com
*.commenvo.com
dpxqnfvygt.sbs
*.dpxqnfvygt.sbs
e18.my
*.e18.my
ironmanroots.com
*.ironmanroots.com
kecvej.sbs
*.kecvej.sbs
kjubc.gdn
*.kjubc.gdn
klornediva.cfd
*.klornediva.cfd
laromaneeconti.vip
*.laromaneeconti.vip
legalmenteia.com
*.legalmenteia.com
llumnix.com
*.llumnix.com
lnqxd.sbs
*.lnqxd.sbs
lyugs.com
*.lyugs.com
male-infertility-clinic-nearby-in-all.sbs
*.male-infertility-clinic-nearby-in-all.sbs
metfi.sbs
*.metfi.sbs
newskyxy.com
*.newskyxy.com
notorola.com
*.notorola.com
p28r.shop
*.p28r.shop
page024974.shop
*.page024974.shop
plqrx.work
*.plqrx.work
ppowerschool.com
*.ppowerschool.com
psw-course-3h.click
*.psw-course-3h.click
q0011.vip
*.q0011.vip
rupwork.com
*.rupwork.com
tifness.com
*.tifness.com
tmt3qa.cyou
*.tmt3qa.cyou
tojsonqsl.com
*.tojsonqsl.com
toll-overdue.com
*.toll-overdue.com
vibratingpanties.net
*.vibratingpanties.net
wordwinners.com
*.wordwinners.com
xn--2qq276acsl.com
*.xn--2qq276acsl.com
Other domains in certificate