Security Score: 89/100
Certificate Information
Subject: CN=esetng.com
Issuer: C=US, O=Let's Encrypt, CN=R12
Valid From: January 17, 2026
Valid Until: April 17, 2026 (70 days)
Public Key: RSA 2048 bit (Adequate)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: 37:AF:49:9A:5D:B4:2E:94:F4:4D:D9:4F:CC:1D:01:43:FF:17:40:66:21:09:1E:DA:B1:5D:5B:59:F9:78:64:55
Alternative Names
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers (status)
Strict-Transport-Security: Present (max-age=31536000)
Content-Security-Policy: Basic (default-src; connect-src; font-src; +12 more)
default-src 'self'; connect-src 'self' http://ad.doubleclick.net https://*.analytics.google.com https://*.botframework.com https://*.clarity.ms https://*.demandbase.com https://*.demdex.net https://*.eset.com https://*.googlesyndication.com https://*.hotjar.com https://*.hotjar.io https://*.tt.omtrdc.net https://ads.reddit.com https://adservice.google.com https://analytics.google.com https://analytics.twitter.com https://api.company-target.com https://bat.bing.com https://bat.bing.net https://c.go-mpulse.net https://cdn.acsbapp.com https://cdn.linkedin.oribi.io https://cdn1.esetstatic.com https://conversions-config.reddit.com https://cookies-data.onetrust.io https://ekr.zdassets.com https://ep.smct.co https://eset.tt.omtrdc.net https://geolocation.onetrust.com https://googleads.g.doubleclick.net https://grsm.io https://ipb.smct.co https://ipb.smct.io https://js.smct.co https://js.smct.io https://maps.googleapis.com https://partnerlinks.io https://pixel-config.reddit.com https://privacyportal.onetrust.com https://px.ads.linkedin.com https://region1.google-analytics.com https://replay.uxtweak.com https://s.yimg.com https://script.crazyegg.com https://segments.company-target.com https://smct.co https://stats.g.doubleclick.net https://tracker.clickguard.com https://tracking-api.g2.com https://www.facebook.com https://www.google-analytics.com https://www.google.by https://www.google.co.uz https://www.google.com https://www.google.es https://www.google.ie https://www.google.kg https://www.google.kz https://www.google.lt https://www.google.lv https://www.google.ru https://www.googleadservices.com https://www.googletagmanager.com https://www.redditstatic.com wss://*.botframework.com wss://*.eset.com wss://*.hotjar.com; font-src 'self' data: https://*.eset.com https://*.gstatic.com https://*.web-assets.eset.com https://fonts.smct.co https://fonts.smct.io https://script.hotjar.com; form-action 'self' https://*.eset-la.com https://*.eset.com https://*.form.eset.com 
https://*.tienda.eset-la.com https://s1069307879.t.eloqua.com https://webto.salesforce.com https://www.facebook.com; frame-ancestors 'self' https://*.eset.com; frame-src 'self' https://*.eset.com https://*.fls.doubleclick.net https://*.sgtm.eset.com https://8117415.fls.doubleclick.net https://bid.g.doubleclick.net https://eset.demdex.net https://hemsync.clickagy.com https://int.form.eset.com https://js.smct.io https://ls.smct.co https://s.company-target.com https://smct.co https://td.doubleclick.net https://tpc.googlesyndication.com https://unity.survey-solutions.cloud https://vars.hotjar.com https://widget.trustpilot.com https://www.facebook.com https://www.google.com https://www.googletagmanager.com https://www.youtube-nocookie.com https://www.youtube.com; img-src 'self' data: http://ad.doubleclick.net https://*.adform.net https://*.ads.linkedin.com https://*.capterra.com https://*.eset.com https://*.hotjar.com https://*.rlcdn.com https://*.yahoo.co.jp https://ad.doubleclick.net https://ade.googlesyndication.com https://adservice.google.com https://alb.reddit.com https://analytics.google.com https://analytics.twitter.com https://bat.bing.com https://bat.bing.net https://c.bing.com https://c.clarity.ms https://cdn.esetstatic.com https://cdn.jsdelivr.net https://cdn.smct.co https://cdn.smct.io https://cdn1.esetstatic.com https://cm.everesttech.net https://cm.g.doubleclick.net https://connect.facebook.net https://dc.ads.linkedin.com https://dpm.demdex.net https://events.smct.co https://googleads.g.doubleclick.net https://i.ytimg.com https://images.g2crowd.com https://maps.googleapis.com https://pagead2.googlesyndication.com https://pubads.g.doubleclick.net https://px.ads.linkedin.com https://region1.analytics.google.com https://region1.google-analytics.com https://s1069307879.t.eloqua.com https://ssl.google-analytics.com https://stats.g.doubleclick.net https://t.co https://tribl.io https://web-assets.esetstatic.com https://www.facebook.com 
https://www.google-analytics.com https://www.google.com https://www.googleadservices.com https://www.googletagmanager.com https://www.linkedin.com; manifest-src 'self' https://*.eset.com https://*.web-assets.eset.com; media-src 'self' https://*.eset.com https://*.web-assets.eset.com https://static.zdassets.com; object-src 'self' https://*.eset.com https://*.web-assets.eset.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.eset.com https://*.replay.uxtweak.com https://*.salesforceliveagent.com https://*.web-assets.eset.com https://acsbap.com https://acsbapp.com https://assets.esetstatic.com https://bat.bing.com https://cdn.botframework.com https://cdn.esetstatic.com https://cdn.jsdelivr.net https://cdn.linkedin.oribi.io https://cdn1.esetstatic.com https://cdnjs.cloudflare.com https://connect.facebook.net https://d.la1-c2-cdg.salesforceliveagent.com https://embed.tawk.to https://googleads.g.doubleclick.net https://img06.en25.com https://invitejs.trustpilot.com https://js.partnerstack.com https://js.smct.co https://js.smct.io https://maps.googleapis.com https://pagead2.googlesyndication.com https://platform.twitter.com https://s786665.t.eloqua.com https://script.hotjar.com https://scripts.clarity.ms https://smct.co https://snap.licdn.com https://ssl.google-analytics.com https://static.ads-twitter.com https://static.hotjar.com https://static.zdassets.com https://tag.demandbase.com https://tpc.googlesyndication.com https://tracking-api.g2.com https://tribl.io https://widget.trustpilot.com https://www.clarity.ms https://www.google-analytics.com https://www.google.ae https://www.google.am https://www.google.be https://www.google.bg https://www.google.bs https://www.google.by https://www.google.cg https://www.google.ci https://www.google.cl https://www.google.cm https://www.google.co.id https://www.google.co.il https://www.google.co.ke https://www.google.co.ma https://www.google.co.nz https://www.google.co.th https://www.google.co.uz https://www.google.co.ve 
https://www.google.co.zw https://www.google.com https://www.google.dj https://www.google.dz https://www.google.ee https://www.google.es https://www.google.fi https://www.google.ge https://www.google.gr https://www.google.hr https://www.google.hu https://www.google.ie https://www.google.kg https://www.google.kz https://www.google.lk https://www.google.lt https://www.google.md https://www.google.me https://www.google.mk https://www.google.ps https://www.google.pt https://www.google.ro https://www.google.ru https://www.google.se https://www.google.si https://www.google.tn https://www.googleadservices.com https://www.googleoptimize.com https://www.googletagmanager.com https://www.gstatic.com https://www.redditstatic.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://*.eset.com https://*.hotjar.com https://*.web-assets.eset.com https://cdn.esetstatic.com https://cdn.jsdelivr.net https://fonts.smct.co https://fonts.smct.io; worker-src 'self' https://*.eset.com; report-uri https://www-eset-com.api.cspconsole.com; report-to csp-endpoint;
X-Frame-Options: Good (SAMEORIGIN)
X-Content-Type-Options: Good (nosniff)
Referrer-Policy: Good (no-referrer-when-downgrade)
Permissions-Policy: Missing (Not configured)
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Improve CSP by adding more specific directives and removing 'unsafe-inline'
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports