Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.r.com.my
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 01, 2026
Valid Until
May 02, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F7:05:EE:DB:34:F8:6A:19:54:2E:9D:29:C3:03:A9:E4:DB:B7:23:EF:35:43:A3:AA:16:29:58:6C:15:0D:C2:3A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
santa-relli.com
2thehoneymoon.com
abodesaafan.com
app.academiadupai.com
demo-painel.aebroadcast.com.br
innovault.aevlabs.com
www.ahrensasoc.com
www.alzerjawi.com
video.athlon.chat
avenuestrategy.com
bazdara.com
www.betiaworld.com
www.bezkomentare.com
slump.binni.co
www.blair-capital.co
integracao.bluve.com.br
bookmytravelbuddy.com
candl.fan
www.careadvancedpaediatricinstitute.in
cedarmingle.com
get.celebrate.app
app.chef-treff.de
cloaksec.com
tanui.cloudframework.app
www.fevergames.co.kr
www.ailab.co.th
www.r.com.my
commonsense.app
www.cresceredu.com
the-crossing.cybrary.it
cyoud.com
degtyarev.biz
stylelink.ergotron.com
dev.evridayapp.com
fernando-toledo.com
franklinnunez.com
frutini.de
galician-choir.com
georginacope.co.uk
globalentry.app
gokorea.app
mobile.gorich.app
dev-restaurant.gupshup.io
www.heitham.com
links.hiiker.app
himitonga.com
game.hokin.tech
www.indiequityreturns.com
dev.abit.io.vn
pwa.johnshortland.com
junban.app
link.justbiryani.app
www.katdonegan.com
keyaccountmanagementtraining.ie
letsdecorateapp.com
www.mecagroup.com.au
memorable.kr
www.mooncoins.ru
www.mooney.news
www.mpowercleaning.co.za
murphypaintingcompany.net
online.nagitsuji-hp.jp
nanometer.app
nestful.com.br
niren.jp
www.nupav.com
onemilliontweetmap.com
todo.pky.jp
erp.priyalgroup.in
propertybhopal.in
install.publigo.app
eventosusil.rebus.com.co
staging.report-hub.recordunion.com
www.reganiu.ca
validation-station.rinkt.com
roninlombardino.com
savethefish.io
www.scols.nl
semolina.solutions
staging.shitalke.com
soccerball.app
vidaativa.sogafit.net
sms.spectra360.com
www.stackio.ca
davidkoloane.standardbank.co.za
stitchandshare.com
switchaisolutions.com
www.szabonorbert.me
talkinghead.ai
app.terminvereinbarung.eu
www.thedemonwholaughs.com
thomassouvlatzidiko.gr
www.trartists.com
treets.org
www.tripletise.be
climathon.triply.ai
trust4.us
apply.tryhabitual.com
uruz.id
www.yoocode.kr
Other domains in certificate