SSL Certificate Analysis for calgaryprivatesecurity.ca - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=290fitness.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 17, 2026

Valid Until

August 15, 2026 60 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

96:B7:1F:0D:34:BF:BF:6D:3D:5B:98:15:D3:05:81:4C:2F:93:76:BE:57:AF:42:9B:83:3D:A8:41:03:F4:01:DE

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

calgaryprivatesecurity.ca *.calgaryprivatesecurity.ca

Other domains in certificate

1374623.com *.1374623.com

290fitness.com *.290fitness.com

332dl.tv *.332dl.tv

350tt.app *.350tt.app

395041.lgbt *.395041.lgbt

98265.me *.98265.me

9871935.top *.9871935.top

988slotgiga.click *.988slotgiga.click

98960000.co *.98960000.co

99076360.top *.99076360.top

992551.club *.992551.club

99262799.top *.99262799.top

992952.actor *.992952.actor

99301.vip *.99301.vip

99302.vip *.99302.vip

99303.vip *.99303.vip

99464.me *.99464.me

99500.co *.99500.co

997599.locker *.997599.locker

999esports.com *.999esports.com

99se.asia *.99se.asia

99se.blog *.99se.blog

9c9.me *.9c9.me

9certificate.com *.9certificate.com

9cv7.com *.9cv7.com

9e9.me *.9e9.me

a359jys.top *.a359jys.top

ableapps.com *.ableapps.com

aman138.com *.aman138.com

amandakuhl.com *.amandakuhl.com

ancientsupply.com *.ancientsupply.com

annuitybtc.com *.annuitybtc.com

apparentstudio.com *.apparentstudio.com

appointments.rsvp *.appointments.rsvp

avto.vip *.avto.vip

bengkel-kita.com *.bengkel-kita.com

bkuj8lw.top *.bkuj8lw.top

blindsatdanvilledesigngallery.com *.blindsatdanvilledesigngallery.com

boomslotonline.com *.boomslotonline.com

botator.com *.botator.com

boysclub0x70.com *.boysclub0x70.com

calcmd.info *.calcmd.info

calendars.rsvp *.calendars.rsvp

campainomics.com *.campainomics.com