Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=visitchristchurch.info
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 16, 2026
Valid Until
September 14, 2026
88 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5F:BA:04:00:D4:89:3D:A8:E2:FF:E6:3E:8C:EC:B0:31:2C:BF:AE:F8:2A:15:0A:39:A8:AC:72:49:05:1E:32:3A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
85 domains
lottoexp.me
*.lottoexp.me
*.ww25.lottoexp.me
aquaparque7.com
*.aquaparque7.com
*.ww25.aquaparque7.com
arabzx.com
*.arabzx.com
*.ww25.arabzx.com
*.ww38.arabzx.com
australiamagicshrooms.store
*.australiamagicshrooms.store
*.ww17.australiamagicshrooms.store
batterycenteraz.com
*.batterycenteraz.com
blacktoon353.com
*.blacktoon353.com
blonderbeer72.com
*.blonderbeer72.com
carta-ricaricabile.it
*.carta-ricaricabile.it
casinoviaggi.it
*.casinoviaggi.it
*.cc.chips.com.au
chips.com.au
*.chips.com.au
*.ftp.chips.com.au
*.smiths.chips.com.au
*.ww25.chips.com.au
cingamedicare.com
*.cingamedicare.com
*.demo.cingamedicare.com
*.gift.cingamedicare.com
*.ww25.cingamedicare.com
dominiocorto.it
*.dominiocorto.it
feriaarles.com
*.feriaarles.com
findtheway.pl
*.findtheway.pl
*.ww25.findtheway.pl
*.cod.frittolibarbara.com
frittolibarbara.com
*.frittolibarbara.com
*.michel.frittolibarbara.com
*.rush.frittolibarbara.com
hiltton.com
*.hiltton.com
*.mail.hiltton.com
*.remote.hiltton.com
*.www.hiltton.com
jessikasboutique.co.uk
*.jessikasboutique.co.uk
*.ww25.jessikasboutique.co.uk
mabula.de
*.mabula.de
manshirt.com.au
*.manshirt.com.au
psychologistdirectory.au
*.psychologistdirectory.au
rajasign.cfd
*.rajasign.cfd
sabahradiology.com
*.sabahradiology.com
*.webdisk.sabahradiology.com
*.wildcard.sabahradiology.com
safestraps.co
*.safestraps.co
southwestlendingcloset.org
*.southwestlendingcloset.org
streetdancebrooklyn.com
*.streetdancebrooklyn.com
*.hostmaster.subscribers.co.uk
*.mailserver.subscribers.co.uk
subscribers.co.uk
*.subscribers.co.uk
tarot4elementos.net
*.tarot4elementos.net
*.ww25.tarot4elementos.net
*.hostmaster.visitchristchurch.info
*.mail.visitchristchurch.info
visitchristchurch.info
*.visitchristchurch.info
*.www.visitchristchurch.info
*.www1.visitchristchurch.info
Other domains in certificate