Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.stpaulpj.org.my
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 11, 2025
Valid Until
January 10, 2026
40 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
11:63:4B:5F:F5:0A:4E:C2:D0:D1:F7:85:38:F9:A0:D8:58:90:29:F7:66:25:29:88:93:68:DC:BB:C5:E5:D3:03
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mawagra.se
v2.gutscheine.additive-apps.eu
bitchat.allaboardbitcoin.com
www.axecut.com
my-metrics.azul915.com
s2.b-sw.co
www.bdalil.com
beingabundance.com
www.fila.bluve.com.br
www.botleyexecutivecars.co.uk
www.boys6.nl
butterplup.com
cdmedia-bulgaria-staging.contentcard.com
www.conversantts.com
www.criar.art
www.curial.com
distillate.jp
www.dnlnwk.de
api.earthimpact.me
agrimaps.elevarm.com
www.finramos.com
docs.fintechvisuals.com
www.forecast.my
kroger-admin.gotshift.io
www.hamsterbreak.com
www.harshaljadhavandassociates.com
highlandstalentgroup.com
threshold-management.hotwax.io
therapyconnect.hub9.io
idealexperience.es
dev-l.iftaranekadarkaldi.com
pkfpitt.impactwrap.com
ingogo-traveller-staging.ingogodev.net
instantlaptopsolution.com
www.instantlaptopsolution.com
app.instaviagem.com
www.iyengarscreations.com
invite.jaib.live
biblia.joaocouto.com
admin.lieferfabrik.de
martamo.com
www.meet.cam
auth.meetlio.se
www.micro-tracker.com
www.mmddevelopers.com
mobileai.dev
www.moinworld.de
mrtporteur.com
www.mummoku.com
admin.music-hub.com
mycompanytracker.com
essma.mystadiumsapp.com
www.myvocabcoach.com
myworldofmouth.com
nearestschools.com
annualupgrade.neoufitness.com
www.flawed.net.nz
logo.net.ua
app.newzgamez.com
nyeusiapp.com
www.operationify.com
protegebr.olabi.org.br
www.stpaulpj.org.my
ourpuzzleapp.com
keeper.paidkeeper.com
demo.paperstac.com
paulamonteiropersonal.com.br
www.phaeon.dev
l.pigxu.com
www.prioritywarehouseservices.com
qofii.com
www.rachelpatino.com
alexa.radiofreccia.it
re-arc-lab.jp
app.reaction.menu
auth.relish.com
riggleafrica.com
rochasilva.com
github.ui-clone.ronne.dev
planit.root38.com
unm.engage.sasaki.com
www.scsports.eu
app.seamansclub-cat.com
seamansclub-cat.com
www.sectrkuttikad.com
smachnavoda.com
www.spinetv.com
www.steppbrett.com
stoisk-ro.dk
tanjafrisch.com
th-lines.co
admin.tingtong.vn
toolabs.com
uppply.com
vaspro-ltd.com
vedictax.com
enterprise.velauto.com.br
whackakevin.com
williamthomas.digital
zq-signal.com
Other domains in certificate