Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=locltour.com.au
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
37 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F9:80:ED:B8:07:A6:EA:D6:85:98:55:67:13:0A:CE:A8:84:D2:AF:E6:11:8B:4D:D9:16:9F:EA:0F:85:BE:1C:E4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
techydhruv.com
vobo.1cham.vn
dev.feasibility.demo.28east.co.za
www.a17k.no
freja.devel.agriopt.se
app.anilimoveis.com.br
arnapurnaevents.in
www.ashokabearings.com
badilexpress.com
www.bat-path.baseball-connections.com
www.bergerkitzbuehel.at
blakemcbay.com
homeconstruction.bluevalley.in
share.byggjobs.app
dev.app.collagia.ai
danielhu.io
www.datasenseanalytics.com
marcusaraujotv.datastore.com.br
dev.student.dena.com
www.djamga.com
www.enlightapps.pl
tienda.escombraura.com
familiar.evisjap.co.jp
florianna.ru
www.foddis-auto.de
fuckyoukaren.ca
www.funid.com
gocardsmith.co
gungseochae.com
harmanlikimya.tr
henryngo.co
www.henryngo.co
ipm.hl-dev.eu
hyen.io.vn
iredstone.app
www.kalashmakeover.in
demo.kvdigital.swiss
lamarcaregistros.com.br
ca.lims.leadout.app
www.letterstatus.com
liambarracksoftware.com
locltour.com.au
www.lornasiggins.com
lparts.ge
mediaclown.live
midlynk.com
www.mimievents.co.za
admin.minsparta.ru
aslan.mojo-pay.com
www.moomugs.com
www.neptunestech.com
www.novatek29.ru
fire.xman.nyc.mn
www.onepointfive.tokyo
business.onlyryan.co.za
staging.optimajs.com
www.pacatch.com
pensioenbijcovertus.nl
genscape.pensioenstartpunt.nl
todo.peterneumark.com
www.pikulik.berlin
presovskazmenaren.sk
old.progettochearia.it
psychopneumologie.at
www.pustakabunda.com
mgpu.qrq.app
r-at-work.com
radextds.com
www.radiator.link
rileyeaton.com
sahedbdtech.online
www.sates.mn
scorekeeper.cc
dev.social-quebly.com
france.solomonschariot.com
staging.wcf.stackbuilders.net
metismanager.stepinsight.com.au
lab.dev3.svexa.com
tarukatechnologies.com
www.taskagenda.app
bravelife.tbitz.one
temeliptv.com
www.thelogiclens.com
thesimpleclub.at
thijsremie.nl
tiffinclub.co
pivot-docs.troopthemes.com
time-calculator.tyganeutronics.com
beta.aura.upswing.global
beta.data.usp.center
www.valenegocios.pt
vibetdd.dev
vupcorp.com
webtemple.lk
wevegotcancer.com
led.whiskay.dev
williamgrube.com
windaygeneraltrading.com
www.worthydrinks.com
www.wydesign22.com
Other domains in certificate