Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=oasislunch.ca
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
May 29, 2026
Valid Until
August 27, 2026
63 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6A:95:72:A0:0B:41:DF:34:36:0E:DB:EE:C5:0F:05:76:F9:B0:DC:5E:1F:A3:38:57:2F:2C:50:97:75:84:75:6A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
ethicspoint.co
*.ethicspoint.co
*.conehealth.ethicspoint.co
*.equinix.ethicspoint.co
*.onewabash.ethicspoint.co
*.pdsasiastar.ethicspoint.co
application.run
*.application.run
*.thisworkbook.application.run
chateargratis.com
*.chateargratis.com
*.ww25.chateargratis.com
*.bbs.desatis.de
desatis.de
*.desatis.de
*.idev.desatis.de
*.service.desatis.de
*.www-idev.desatis.de
*.youtube.desatis.de
*.campaign.imprl.com
*.cucmpub1-pk10.imprl.com
*.expressway-e1.imprl.com
*.files.imprl.com
imprl.com
*.imprl.com
*.inet.imprl.com
*.portal.imprl.com
*.seg.imprl.com
*.ucxnpub1-pk10.imprl.com
*.vpn.imprl.com
ks1937.com
*.ks1937.com
*.sitemap.ks1937.com
lofthr.com
*.lofthr.com
oasislunch.ca
*.oasislunch.ca
*.2gx0.poolcarehouston.info
*.api.poolcarehouston.info
*.dev.poolcarehouston.info
*.dnaordev.poolcarehouston.info
*.is2gx0.poolcarehouston.info
*.jprrhis2gx0.poolcarehouston.info
*.members.poolcarehouston.info
poolcarehouston.info
*.poolcarehouston.info
*.test.poolcarehouston.info
*.www.poolcarehouston.info
*.cpanel.preventivaips.com
*.ftp.preventivaips.com
preventivaips.com
*.preventivaips.com
*.webmail.preventivaips.com
*.ww7.preventivaips.com
*.www.preventivaips.com
*.2662ff37-9772-43e4-953a-d6da445ece9a.recoverconsultants.com
*.admin.recoverconsultants.com
*.app.recoverconsultants.com
*.backup.recoverconsultants.com
*.cloud.recoverconsultants.com
*.gdskosmtp.recoverconsultants.com
*.mupnsa.recoverconsultants.com
*.rd.recoverconsultants.com
*.rds.recoverconsultants.com
*.rdweb.recoverconsultants.com
recoverconsultants.com
*.recoverconsultants.com
*.remote.recoverconsultants.com
*.smtp.recoverconsultants.com
*.uat.recoverconsultants.com
*.www.recoverconsultants.com
*.hostmaster.seizinger.com
*.rd.seizinger.com
*.remote.seizinger.com
seizinger.com
*.seizinger.com
*.www.seizinger.com
*.sandbox.shopking.live
shopking.live
*.shopking.live
smu.life
*.smu.life
*.ww38.smu.life
superrider472.info
*.superrider472.info
*.wildcard.xn--8ovn94c.com
xn--8ovn94c.com
*.xn--8ovn94c.com
xonados.co
*.xonados.co
Other domains in certificate