Open
Cached
·
just now
86/100
SECURITY SCORE
Certificate Information
Subject
C=AU, ST=New South Wales, L=Surry Hills, O=News Corp Australia Pty Limited, CN=news.com.au
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
Valid From
September 10, 2025
Valid Until
September 09, 2026
301 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
75:AB:5F:99:38:FB:C1:57:7C:EE:32:BA:31:D5:A5:BA:94:90:40:AC:65:D8:CD:24:9A:CD:12:0C:DD:C8:6F:64
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
91 domains
*.news.net.au
www.1degree.com.au
adelaidenow.com.au
*.adelaidenow.com.au
*.api.news
bestrecipes.com.au
*.bestrecipes.com.au
bodyandsoul.com.au
www.bodyandsoul.com.au
beta.buysearchsell.com.au
www.buysearchsell.com.au
cairnspost.com.au
www.cairnspost.com.au
*.cnivogue.com.au
beta.couriermail.com.au
couriermail.com.au
www.couriermail.com.au
crimcitypodcast.com.au
www.crimcitypodcast.com.au
beta.dailytelegraph.com.au
dailytelegraph.com.au
www.dailytelegraph.com.au
delicious.com.au
img.delicious.com.au
www.delicious.com.au
escape.com.au
www.escape.com.au
futureenergysummit.com.au
www.futureenergysummit.com.au
geelongadvertiser.com.au
www.geelongadvertiser.com.au
goldcoastbulletin.com.au
www.goldcoastbulletin.com.au
gq.com.au
*.gq.com.au
greataustraliandreams.com.au
www.greataustraliandreams.com.au
heraldsun.com.au
*.heraldsun.com.au
intheknow.com.au
www.intheknow.com.au
kidspot.com.au
*.kidspot.com.au
beta.mytributes.com.au
www.mytributes.com.au
www.nativeincolour.com.au
*.newcastlenewslocal.com.au
m.weather.news.com.au
news.com.au
*.news.com.au
resources.news.com.au
*.talk.news.com.au
*.talk2.news.com.au
newsadds.com.au
*.newsadds.com.au
cdn.newsapi.com.au
*.newscdn.com.au
*.myaccount.newsconcierge.com.au
newsconcierge.com.au
*.newsconcierge.com.au
newscorpaustralia.com
www.newscorpaustralia.com
www.newsprestigenetwork.com.au
newsxtend.com.au
www.newsxtend.com.au
api.coles.taste.nlm.io
api.img.nlm.io
assets-samp.nlm.io
ntnews.com.au
www.ntnews.com.au
*.placemyad.com.au
*.savvyshopper.net.au
taste.com.au
*.taste.com.au
theaustralian.com.au
*.theaustralian.com.au
thechronicle.com.au
*.thechronicle.com.au
themercury.com.au
www.themercury.com.au
townsvillebulletin.com.au
www.townsvillebulletin.com.au
vogue.com.au
*.vogue.com.au
weeklytimesnow.com.au
www.weeklytimesnow.com.au
insights.whimn.com.au
whimn.com.au
www.whimn.com.au
www.yourvoice2023.com.au
yourvoice2023.com.au
Other domains in certificate