Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=leanersolutions.com.au
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 30, 2025
Valid Until
December 29, 2025
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CA:31:48:97:C6:F2:E1:71:66:75:D0:9B:BD:5A:88:B9:DF:5A:10:7B:75:A8:38:F3:18:D5:8D:48:27:B2:09:6B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-HxeUCF0SNz3hgVrZUa_Ocg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
links.bialik.ca
pages.dev.2u.fan
vuestage.adere.so
aet.t.aeat.us
alexasky.website
research.animoca.space
www.appifyx.store
bionhart.com
www.brick4u.org
www.brutapp.eu
dev.carlmoore.xyz
cgsindustrialparks.org
co-in.uk
flynsmile.co.il
gustine.column.us
kwongheng.com.my
kulturajanda.com.tr
sales-service.daikin.com.vn
coredelivery.tech
cryptorates.ph
dashplix.com
www.devonypowell.com
hack.dlrc.in
drdavan.co.za
eamona.com
aws-connect.fastcurveservices.com
www.fatihtinc.com
www.feltax.xyz
www.fermentapp.com
www.grafeny.com
app.graz-city.com
greenfood.live
dev.haby.academy
websieve.hiddenslate.net
www.initios.in
simulatore.iniziativenergetiche.it
byttapet-prod.web.innotactsoftware.com
sitdepk.io.vn
keepcup.jau.co.jp
www.javiergonzalezrocha.com
tbs.jlonetouch.com.au
joaompfe.pt
karanja.xyz
www.laurazoee.com
www.leaguelife.com
leanersolutions.com.au
lets-rent.it
sponsor.letsgive.org
lianelanzarinpsicologa.com.br
lyftcap.xyz
volt.mackree.se
maruti.services
www.mazalove.com
bbcook.mclub.app
sso.mediamarket.jp
api-staging.mobilab.ai
www.morenoise.it
mycrate.org
myenergy.asia
myloopnetwork.co
neatnumbers.com.au
link-kb.nibo.com.br
www.noza.in
nuranet.io
onlyeverythingmusical.com
www.menu.orderlina.com
www.platformsharks.com
checkout.poap.codes
www.podana.net
filepicker.publigo.app
www.quitapay.com.br
heinemann.recruiting-solutions.org
rgkonnect.com
links.rummyculture.com
www.santuario.travel
www.scand-inab.se
shotgunsaxophone.com
www.sirius.press
www.soundpromoter.com
nysphaatrivia.sqwadhq.com
www.storjala.se
www.suxxusglobal.com
tactuallabs.com
www.thebibiseries.com
thinkingfitoutdesign.com
trutrakr.com
development.usersmanager.com
vaizang.com
www.veejaycapital.com
veripet.tech
vighnahartaclinic.com
visual-foods.com
voceapertaria.com
www.watermandesignsolutions.com
www.webassembly.news
dev.webcasa.app
webzee.co
dashboards.withchanneled.com
tiander.wolvez.com.br
www.yusukemori.tokyo
Other domains in certificate