Open
Cached
·
just now
95/100
SECURITY SCORE
Certificate Information
Subject
CN=*.astar.network
Issuer
C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com RSA SSL subCA
Valid From
October 07, 2025
Valid Until
September 09, 2026
256 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2D:8B:20:AD:CF:9F:1C:EF:A3:B8:4F:E5:DC:57:91:62:86:99:51:C8:27:B0:48:52:F3:13:5C:32:A5:A1:45:40
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Good
default-src; style-src; style-src-elem; +4 more
default-src 'self' 'unsafe-inline' widget.docsbot.ai ; style-src 'self' 'unsafe-inline' ; style-src-elem 'self' 'unsafe-inline' cdn.jsdelivr.net; font-src 'self' cdn.jsdelivr.net; img-src 'self' https://hackmd-prod-images.s3-ap-northeast-1.amazonaws.com/ *.googleusercontent.com user-images.githubusercontent.com i.ytimg.com https://hackmd.io/ https://*.imgur.com/ https://*.enkrypt.com/ data:; connect-src 'self' https://*.algolia.net https://*.algolianet.com docsbot.ai api.docsbot.ai wss://api.docsbot.ai; frame-src 'self' 'unsafe-inline' https://widget.docsbot.ai https://*.youtube.com https://*.replit.com https://replit.com https://codesandbox.io
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Present
same-origin
Permissions-Policy
Present
accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()
Recommendations
- • Strengthen CSP by removing 'unsafe-eval'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports