Open
Cached
·
just now
86/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=osb.status.ato.gov.au
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 10, 2026
Valid Until
July 09, 2026
66 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BD:6E:4C:DA:EE:B5:D6:B1:ED:E0:4B:77:EE:E5:2A:62:73:78:F2:66:F4:5C:42:43:7C:B4:23:D8:5A:02:53:11
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=259200
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
29 domains
status.assertiveyield.com
osb.status.ato.gov.au
statuspage.openground.bentley.com
status.darts-ip.com
status.eurodata.de
status.exercise.com
status.foundryusapool.com
www.gaggleampstatus.com
status.jenzabarcloud.com
status.joincandidhealth.com
statuspage.keynetix.cloud
status.learnamp.com
www.mixpanelstatus.com
status.moveworkforward.com
status.nektar.io
trust-ca.netdocuments.com
status.powersync.com
status.prequal.co.nz
status.pricelinepartnersolutions.com
status.sanomapro.fi
prod-vtb-status.savanainc.com
status.setup-php.com
status.uml.edu
status.unqork.com
status.usebutton.com
status.vplan.com
status.weld.app
status.wl-engage.com
status.yoti.com
Other domains in certificate