Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=alumnus.com.au
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 13, 2026
Valid Until
August 11, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
71:EF:2C:EC:AC:BB:75:A1:E4:C0:54:E6:3B:C5:1A:5B:78:42:7B:A1:90:90:A8:E6:E4:09:78:A4:41:C1:A3:E0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
tryplanswellapp.com
*.tryplanswellapp.com
013456.top
*.013456.top
013467.top
*.013467.top
11127.co
*.11127.co
18954.sbs
*.18954.sbs
22301.mobi
*.22301.mobi
25wenxue.cc
*.25wenxue.cc
336d7cxh.top
*.336d7cxh.top
36974.blog
*.36974.blog
42708.gdn
*.42708.gdn
5k3n.cc
*.5k3n.cc
83250.my
*.83250.my
88504.loan
*.88504.loan
8vjd30.cyou
*.8vjd30.cyou
adsonredditproject.co
*.adsonredditproject.co
alumnus.com.au
*.alumnus.com.au
amerigan.com
*.amerigan.com
apptweaks.vip
*.apptweaks.vip
balawejder.com
*.balawejder.com
bbccommagazine.org
*.bbccommagazine.org
bbugoafricalimited.com
*.bbugoafricalimited.com
bestweekly.xyz
*.bestweekly.xyz
beta138.skin
*.beta138.skin
bf90800.cc
*.bf90800.cc
boostmaxoutmedia.com
*.boostmaxoutmedia.com
brokenhearth.com
*.brokenhearth.com
c38s.cyou
*.c38s.cyou
cansenlewis.info
*.cansenlewis.info
cherrycam.net
*.cherrycam.net
club-vulcan24.sbs
*.club-vulcan24.sbs
contractorgtm.business
*.contractorgtm.business
discovermoscreative.business
*.discovermoscreative.business
dryingaiq.com
*.dryingaiq.com
dubaicitywalk.com
*.dubaicitywalk.com
ecovillages.co.in
*.ecovillages.co.in
edigarden.com
*.edigarden.com
emailwherefouradvertise.co
*.emailwherefouradvertise.co
engj.com
*.engj.com
exploreunsupervisedaiagentsadvertise.co
*.exploreunsupervisedaiagentsadvertise.co
teamdonutnewsadvertise.co
*.teamdonutnewsadvertise.co
tskzr7.top
*.tskzr7.top
venderaco.com
*.venderaco.com
vonforn.shop
*.vonforn.shop
wolf369.online
*.wolf369.online
wulkan-demo.cyou
*.wulkan-demo.cyou
Other domains in certificate