Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=79496.my
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 26, 2026
Valid Until
August 24, 2026
69 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
55:C6:E5:B0:66:96:22:54:4E:AC:C5:87:95:00:A0:C2:81:8D:C2:07:17:C9:1A:21:3B:7C:39:F0:B0:D7:36:63
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
atlascor.com
*.atlascor.com
79496.my
*.79496.my
82h38f.lol
*.82h38f.lol
87456.vip
*.87456.vip
8vkrya.mom
*.8vkrya.mom
90543.my
*.90543.my
92280.blog
*.92280.blog
97103.work
*.97103.work
98003.app
*.98003.app
aab8x2.lol
*.aab8x2.lol
aiwiseup.com
*.aiwiseup.com
an99.yoga
*.an99.yoga
analystpulseup.com
*.analystpulseup.com
atda6g.lol
*.atda6g.lol
atquickcapitalfunding.com
*.atquickcapitalfunding.com
authenticfitnessgoal.run
*.authenticfitnessgoal.run
aybilgisi.info
*.aybilgisi.info
baodao15.com
*.baodao15.com
berkahdepo.xyz
*.berkahdepo.xyz
betlionlogin.com
*.betlionlogin.com
bikesandbeyond.co.nz
*.bikesandbeyond.co.nz
bipolartest.click
*.bipolartest.click
bxman4.lol
*.bxman4.lol
cagj.me
*.cagj.me
cheekmakeup.com
*.cheekmakeup.com
chronosbot.com
*.chronosbot.com
definder.pro
*.definder.pro
detaillhubux.com
*.detaillhubux.com
dopingfight.com
*.dopingfight.com
ega8c6.mom
*.ega8c6.mom
fitnesstrustground.run
*.fitnesstrustground.run
flourishingfieldsco.live
*.flourishingfieldsco.live
food-industry-machinery.click
*.food-industry-machinery.click
fragments.live
*.fragments.live
fupinsuccess.com
*.fupinsuccess.com
glamorousbagsbyshae.com
*.glamorousbagsbyshae.com
gossipphase.live
*.gossipphase.live
gotothebadge.info
*.gotothebadge.info
h1drcv.cyou
*.h1drcv.cyou
hideyourcash.com
*.hideyourcash.com
hk31.my
*.hk31.my
phuiofc.asia
*.phuiofc.asia
pndigitallogic.com
*.pndigitallogic.com
poexm.my
*.poexm.my
professionalplantpros.live
*.professionalplantpros.live
Other domains in certificate