DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=finetools.com.au
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 15, 2026
Valid Until
April 15, 2026 87 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1B:D2:6C:59:E4:E8:33:70:48:52:5F:05:E4:24:D2:39:0B:B2:D0:F4:4E:D6:EA:2F:90:A2:B3:C9:B2:CD:C5:AE
Alternative Names
80 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

80 domains
bearoffers.net *.bearoffers.net *.www.bearoffers.net

Other domains in certificate

*.2.artliquidators.com artliquidators.com *.artliquidators.com *.c.artliquidators.com *.mobi.artliquidators.com *.pics.artliquidators.com *.random.artliquidators.com *.s1.artliquidators.com *.school.artliquidators.com *.survey.artliquidators.com *.ww25.artliquidators.com
*.25.digitwidgit.com *.ads.digitwidgit.com *.careers.digitwidgit.com *.cdn.digitwidgit.com *.demo.digitwidgit.com *.dev.digitwidgit.com digitwidgit.com *.digitwidgit.com *.feedback.digitwidgit.com *.food.digitwidgit.com *.images.digitwidgit.com *.india.digitwidgit.com *.mbox12.digitwidgit.com *.members.digitwidgit.com *.mx.digitwidgit.com *.ns2.digitwidgit.com *.pool.digitwidgit.com *.python.digitwidgit.com *.router1.digitwidgit.com *.secure2.digitwidgit.com *.static.digitwidgit.com *.status.digitwidgit.com *.stream.digitwidgit.com *.tank.digitwidgit.com
finetools.com.au *.finetools.com.au *.ww16.finetools.com.au *.ww17.finetools.com.au
*.20ff4d26-59db-4420-b85c-04977b5644c7.shellraileis.com *.2a94fb77-0fc0-458e-9767-25042b9dd95c.shellraileis.com *.2c848652-8934-485c-9ce3-4f83f52e04ed.shellraileis.com *.91f0e5b6-2ba9-41ce-8e65-c17ae4a15d78.shellraileis.com *.acbfgm.shellraileis.com *.accounts.shellraileis.com *.admin.shellraileis.com *.app.shellraileis.com *.art.shellraileis.com *.assets.shellraileis.com *.beta.shellraileis.com *.blog.shellraileis.com *.client.shellraileis.com *.contacts.shellraileis.com *.cpcontacts.shellraileis.com *.dev.shellraileis.com *.dish.shellraileis.com *.eml.shellraileis.com *.help.shellraileis.com *.m.shellraileis.com *.mail.shellraileis.com *.merchants.shellraileis.com *.mta-sts.shellraileis.com *.portal.shellraileis.com *.power.shellraileis.com *.rds.shellraileis.com *.remote.shellraileis.com *.sfyjoapp.shellraileis.com shellraileis.com *.shellraileis.com *.sitemap.shellraileis.com *.store.shellraileis.com *.vpnssl.shellraileis.com *.wildcard.shellraileis.com *.wp.shellraileis.com *.ww16.shellraileis.com *.ww38.shellraileis.com *.www.shellraileis.com