Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.ficq.org.au
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 12, 2025
Valid Until
March 12, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
92:19:AB:0E:BE:0F:7A:EB:EA:5F:5F:6B:C8:F0:E3:CA:BB:1F:41:6E:82:D4:73:8C:C5:E0:04:40:A0:EB:89:14
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
menusoft.net.br
2012.heygrady.com
commande.3brasseurs.re
csw-roomplanner-test.3dcloud.io
acceleratech.uk
www.accounting-app.team
www.actekmfg.com
www.ahaconsultingservices.com
jsonviewer.all4devs.com
amobilepro.app
apricornhearth.com
www.arenapremantura.com
mypack.backinpack.com
blo.dev
any-quote.blueur.com
www.bradcarson.ca
design.dev.brxs.com
link.bymiles.co.uk
www.chandasimfukwe.com
sd-prompt-guide.cirquitcirqle.com
www.cleanwaterai.com
news.diab.com.vn
dev.cruxlarp.com
dashfruits.com
web.dealstrackerapp.com
support.dpdp.design
www.dyecopperpipeclassaction.com
exs.dev
paytest.ezfinanz.com
www.ficq.org.au
finometr.tech
am.staging.fireflyte.com
www.flexfit-caps.org
www.fomoweekly.xyz
a0fd.foodle.su
www.freibackerin.at
gigwizer.com
gitdive.com
app.glims.io
www.gluehabits.com
www.godrivela.com
demo.haroldwaste.com
escola.helius.com.br
in-cito.eu
juntstrenquembarreres.cat
backoffice-prod.jygolebonplan.com
kilinc.cv
bestellen.korfugrillbs.de
kvin.dev
www.lesamourai.space
lugaty.app
mcspoint.in
www.micafedecolombia.com
mindfields-platform.nl
mundocontentmarketing.com
www.mwcdentistry.com
muslimkit.x-labs.my.id
pic-rhino.mentor-stage.neccton.com
endometriosis.oneleafhealth.com
optimuskaia.com
www.oraclereef.com
ourstoriesgame.com
nzeel.performolabs.com
www.physio-archive.com
pilshuisje.nl
talklab.pixels.im
playrea.com
proizvodac.plodovi.hr
www.punchabrandon.com
www.realrecognizerealestate.com
beta.reloxrobotics.com
toiletapi.schneider.today
selectivegasinstallations.co.za
shadethesims.com
simple-melts.com
softnest.ro
cookbook.spauldingtan.com
www.swifteverywhere.net
syasbahamas.org
tariv.app
techlmaginia.in
www.thegoodprojxct.com
theremapp.com
panel.tiendalasmotos.com
ins.tomaz.dev
www.ales.tomcal.cz
rbs.trayn.app
www.trekkingbackcountry.com
www.services.trendydashboard.com
offset.turbosbir.com
vinoradio.app
vlgstech.in
www.vortari.com
weerasak.dev
admin.dev.wespond.de
www.whatway.to
wielandappraisals.com
www.xanderstokes.com
link.dev.zatsudan-work.net
zestargame.com
Other domains in certificate