Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=asphaltrepairs.ca
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 04, 2026
Valid Until
May 05, 2026
69 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2D:8D:11:88:1F:C2:B8:0A:D1:E4:3C:A8:FD:68:48:80:FF:CC:F0:68:1E:6C:0F:E5:B0:1B:82:05:96:E0:9F:DA
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
cffbdb.cc
*.cffbdb.cc
artisanalgardeningcrafts.xyz
*.artisanalgardeningcrafts.xyz
asphaltrepairs.ca
*.asphaltrepairs.ca
assuvx.pro
*.assuvx.pro
athenaai.org
*.athenaai.org
attheendoftheday.it
*.attheendoftheday.it
autoinsurers4u.com
*.autoinsurers4u.com
azcknkc.shop
*.azcknkc.shop
azvxhq.pro
*.azvxhq.pro
bajilivelogin.bet
*.bajilivelogin.bet
bananeneiland.com
*.bananeneiland.com
bankrupt.one
*.bankrupt.one
baze.it
*.baze.it
beautystation.net
*.beautystation.net
bet88th.pro
*.bet88th.pro
bettingbooks.it
*.bettingbooks.it
biomedicalinstruments.it
*.biomedicalinstruments.it
birthdaypartyinv.com
*.birthdaypartyinv.com
bonatile.com
*.bonatile.com
booksdancestories.xyz
*.booksdancestories.xyz
bookyourtable.it
*.bookyourtable.it
brfliji.com
*.brfliji.com
brightdiyprojects.xyz
*.brightdiyprojects.xyz
bristol-bbc-anchor.org
*.bristol-bbc-anchor.org
bt8.ing
*.bt8.ing
by0333u.cyou
*.by0333u.cyou
c0190.com
*.c0190.com
caprichos.it
*.caprichos.it
careeradvancement.sbs
*.careeradvancement.sbs
careerbeyondlimits.xyz
*.careerbeyondlimits.xyz
careergrowthstrategies.xyz
*.careergrowthstrategies.xyz
careermovepioneer.xyz
*.careermovepioneer.xyz
cariera.top
*.cariera.top
carpetcleaningbrentford.com
*.carpetcleaningbrentford.com
cbslc.net
*.cbslc.net
cfq.it
*.cfq.it
chatatme.com
*.chatatme.com
chineserestaurant.it
*.chineserestaurant.it
classicbaseball.us
*.classicbaseball.us
classictraveladventures.xyz
*.classictraveladventures.xyz
clubmiums.com
*.clubmiums.com
cnieraronieasdalszone.shop
*.cnieraronieasdalszone.shop
coachingbalance.nl
*.coachingbalance.nl
colourfulgardeninghues.live
*.colourfulgardeninghues.live
compromessi.it
*.compromessi.it
Other domains in certificate