Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=katelipsychology.com.au
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
14:88:FF:E7:97:7E:E9:FD:C3:E8:D7:84:6E:E6:A9:B6:12:F3:BB:BC:19:3A:05:C6:06:3B:C2:37:44:F8:2B:E4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
ssl.com
comodoca.com
Wildcard CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
ssl.com
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 5 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
limitedcreativity.org
59threefoundry.com
7dayshotel.ca
acatora.com
www.aeffect.net
www.akka-demy.com
andrewdiles.com
app.argonav.io
artmann-holding.com
memoryapp.ashiqkhan.in
trk2.avdtrk.com
www.averettcougarscamps.com
avertedgames.com
barrytheblindman.ca
becasdeportivasusa.com
www.bedibug.com
bhaijicricketbettingtips.com
www.panel.bniqroo.com
www.careme.jp
databricks-demo.carto.com
goza.clau.io
segev.asabro.co.il
shop.mytr.co.in
short.logicerp.co.in
cpepoints.com.my
commodity.uice.com.ua
video.dbat.net
dharma-jyotish-siddhanta-yogi-ashram.com
dizorderofficial.com
lnk.doctoplus.in
backoffice.doneservices.co
s.efmedsys.ru
elektroteknosoft.com
emptor.co
feedl.ink
www.forma-concept-formation.be
www.fuelandcarbonsavings.com
www.geonit.ca
giuliapilates.uk
www.go-kundenportal.at
greenbeemeds-stores.com
www.greenbeemeds-stores.com
ams-demo.grosbeak.co.jp
qr.gupshup.io
hardwickcider.com
get.hulah.co
ibaifoundation.com
internetfriends.social
intygschecken.se
arcangel.invierteenmazatlan.com
ff-wyhl.ivlivs.dev
ivstriver.com
www.kalabash.art
katelipsychology.com.au
www.kngventuresinc.com
www.kqbistro.com
livati.com
games.loophereandnow.com
loyalhive.app
campaigns.mailtrap.info
marxe.com.mx
admin.melaniethomasrealestate.com
memberwizard.com.au
www.naomielliott.net
natrarosa.com
www.navaneethku.in
neuralwave.in
stage.app.nobul.com
sso-jhaspire.onduo.com
push.alerts.apps.kan.org.il
orvity.com
osiloke.com
ouitalking.com
our-luv.com
dev-auth.packageportal.com
admin.peffgroup.com
app.petloop.co
pieniak.com
www.pieterjanse.nl
spider.pixeption.net
predictable.xyz
www.programmerfair.com
www.psifernandamartins.com.br
app.rajascafebar.com.br
managebeta.realpartyinfo.com
schoolfair.us
securewebterminal.com
sertony.ru
app.showincity.com
www.skybreath.me
www.soundremedy.com
sdis06-app.speakylink.com
n1.suhail.ai
todo.trandrew.ca
visitbellevue.trueomni.com
beta.vdevs.in
www.vinayakamatrimony.com
app.works.report
www.xsbay.org
beneficios.zapimoveis.com.br
Other domains in certificate