Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=kinsey.com.au
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
March 01, 2026
Valid Until
May 30, 2026
30 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CF:02:46:E2:67:EA:EF:3F:B1:F7:F7:9D:D5:38:D4:85:23:FF:1A:50:9F:CE:BE:4C:9D:54:84:A4:14:0E:1E:63
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
lordoftheflies.org
*.lordoftheflies.org
*.random.lordoftheflies.org
*.webmail.lordoftheflies.org
bensamuel.org
*.bensamuel.org
billpaysanfordhealth.org
*.billpaysanfordhealth.org
blacket.live
*.blacket.live
*.ww38.blacket.live
colecaomeulivro.com.br
*.colecaomeulivro.com.br
*.ns1.colecaomeulivro.com.br
dayoukitchen.com
*.dayoukitchen.com
*.ww25.dayoukitchen.com
dnsleaktest.world
*.dnsleaktest.world
*.ww25.dnsleaktest.world
*.ww38.dnsleaktest.world
dntrade.org
*.dntrade.org
erro500.com.br
*.erro500.com.br
*.ns2.erro500.com.br
*.ww25.erro500.com.br
figmaparainiciantes.com.br
*.figmaparainiciantes.com.br
*.ns2.figmaparainiciantes.com.br
*.ns3.figmaparainiciantes.com.br
flyingzstables.net
*.flyingzstables.net
*.ww25.flyingzstables.net
icaiunanet.com.br
*.icaiunanet.com.br
*.ns3.icaiunanet.com.br
*.random.icaiunanet.com.br
kinsey.com.au
*.kinsey.com.au
*.app.meukitdigital.online
*.dashboard.meukitdigital.online
*.host.meukitdigital.online
*.kafka.meukitdigital.online
*.mail12.meukitdigital.online
meukitdigital.online
*.meukitdigital.online
*.smtp3.meukitdigital.online
*.thor.meukitdigital.online
*.ww25.meukitdigital.online
onlinebacc.com
*.onlinebacc.com
*.hostmaster.pantalla.online
pantalla.online
*.pantalla.online
pcfmyquest.com
*.pcfmyquest.com
pilarlogin.click
*.pilarlogin.click
prontocourier.com
*.prontocourier.com
rafaelvandervaart.com
*.rafaelvandervaart.com
ridvutpubozr.com
*.ridvutpubozr.com
satanist.com.au
*.satanist.com.au
*.ww25.satanist.com.au
*.ww38.satanist.com.au
*.random.southsatebank.com
southsatebank.com
*.southsatebank.com
*.ww25.southsatebank.com
*.ww38.southsatebank.com
studysoch.online
*.studysoch.online
*.random.tangomangous.com
tangomangous.com
*.tangomangous.com
urpctsrjilp.com
*.urpctsrjilp.com
*.ns1.visioncine-2.com.br
*.ns3.visioncine-2.com.br
visioncine-2.com.br
*.visioncine-2.com.br
*.ww16.visioncine-2.com.br
*.ww38.visioncine-2.com.br
z3.com.au
*.z3.com.au
Other domains in certificate