Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=oupin.my
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 04, 2026
Valid Until
September 02, 2026
78 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4C:81:9E:52:C3:4A:BC:5C:A2:9F:61:2C:35:A7:6E:73:52:AC:FD:7B:82:03:06:18:19:44:10:6D:89:AB:66:43
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
ryoti.com
*.ryoti.com
*.insight.ryoti.com
*.rdp.ryoti.com
*.rds.ryoti.com
*.secure.ryoti.com
*.vdi.ryoti.com
*.vpnssl.ryoti.com
*.ww38.ryoti.com
*.app.bangsaujang.sbs
bangsaujang.sbs
*.bangsaujang.sbs
foolproof.in
*.foolproof.in
*.hostmaster.foolproof.in
*.m.foolproof.in
*.access.gequipment.com
*.app.gequipment.com
*.cloud.gequipment.com
gequipment.com
*.gequipment.com
*.ra.gequipment.com
*.rd.gequipment.com
*.rds.gequipment.com
*.rdweb.gequipment.com
*.remote.gequipment.com
*.remoto.gequipment.com
*.santech.gequipment.com
*.ts.gequipment.com
*.vdi.gequipment.com
*.vpnssl.gequipment.com
houndhomeinspection.com
*.houndhomeinspection.com
*.mail.houndhomeinspection.com
icontenuti.it
*.icontenuti.it
*.api.nevisgamingauthority.net
*.app.nevisgamingauthority.net
*.backup.nevisgamingauthority.net
*.cmkvzmailer.nevisgamingauthority.net
*.dashboard.nevisgamingauthority.net
*.dev.nevisgamingauthority.net
*.fhwotcmkvzmailer.nevisgamingauthority.net
*.mail.nevisgamingauthority.net
*.mailer.nevisgamingauthority.net
*.marketing.nevisgamingauthority.net
nevisgamingauthority.net
*.nevisgamingauthority.net
*.qa.nevisgamingauthority.net
*.secure.nevisgamingauthority.net
*.server.nevisgamingauthority.net
*.staging.nevisgamingauthority.net
*.uat.nevisgamingauthority.net
*.v1.nevisgamingauthority.net
*.v2.nevisgamingauthority.net
*.vps.nevisgamingauthority.net
*.web.nevisgamingauthority.net
*.desktop.opensergo.com
opensergo.com
*.opensergo.com
*.portal.opensergo.com
*.rd.opensergo.com
*.rdp.opensergo.com
*.rdweb.opensergo.com
*.remoto.opensergo.com
*.secure.opensergo.com
*.ts.opensergo.com
*.ww38.opensergo.com
orthoticbionics.com
*.orthoticbionics.com
*.wildcard.orthoticbionics.com
*.demo.oupin.my
oupin.my
*.oupin.my
*.demo.romanstrategy.com
*.marketing.romanstrategy.com
*.relay.romanstrategy.com
romanstrategy.com
*.romanstrategy.com
*.app.traqr.co
*.blog.traqr.co
*.dan.traqr.co
*.extranet.traqr.co
*.old.traqr.co
traqr.co
*.traqr.co
*.travis.traqr.co
w13724634.com
*.w13724634.com
Other domains in certificate