Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=safeharborcapitaladvisors.net
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 23, 2026
Valid Until
August 21, 2026
69 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BE:B8:C7:92:88:EC:77:0D:C0:24:76:B2:0A:8C:10:F8:72:8E:FC:0C:AF:4D:BB:8A:21:3B:C3:89:EC:5A:E5:17
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
hubsmithlab.com
*.hubsmithlab.com
*.stage.hubsmithlab.com
abc-globe.com
*.abc-globe.com
*.co.abc-globe.com
aktivist.com
*.aktivist.com
azdrpatientportal.com
*.azdrpatientportal.com
*.fbapps.azdrpatientportal.com
*.ww38.azdrpatientportal.com
bitlly.com
*.bitlly.com
*.husaerimassage.bitlly.com
*.ww25.bitlly.com
*.admin.centralheating.it
*.app.centralheating.it
*.backup.centralheating.it
centralheating.it
*.centralheating.it
*.demo.centralheating.it
*.staging.centralheating.it
*.cc.eeennn123.xyz
*.cf.eeennn123.xyz
*.cm.eeennn123.xyz
*.cp.eeennn123.xyz
*.cy.eeennn123.xyz
eeennn123.xyz
*.eeennn123.xyz
*.fc.eeennn123.xyz
*.ff.eeennn123.xyz
*.fm.eeennn123.xyz
*.fp.eeennn123.xyz
*.fy.eeennn123.xyz
*.mc.eeennn123.xyz
*.mf.eeennn123.xyz
*.mm.eeennn123.xyz
*.mp.eeennn123.xyz
*.my.eeennn123.xyz
*.pc.eeennn123.xyz
*.pf.eeennn123.xyz
*.pm.eeennn123.xyz
*.pp.eeennn123.xyz
*.yc.eeennn123.xyz
*.yf.eeennn123.xyz
*.ym.eeennn123.xyz
*.yp.eeennn123.xyz
*.yy.eeennn123.xyz
exodiaonchain.xyz
*.exodiaonchain.xyz
*.jxc88.exodiaonchain.xyz
*.ujqem78z68.exodiaonchain.xyz
*.assets.finveely.com
*.blog.finveely.com
*.emptbgvrzjapi.finveely.com
finveely.com
*.finveely.com
freehandwine.com.au
*.freehandwine.com.au
*.comune.gerd.studio
gerd.studio
*.gerd.studio
*.new.gerd.studio
rblxcopy.net
*.rblxcopy.net
*.ww25.rblxcopy.net
*.comune.rdt.com.au
*.mail.rdt.com.au
rdt.com.au
*.rdt.com.au
retrobet.net
*.retrobet.net
*.random.safeharborcapitaladvisors.net
safeharborcapitaladvisors.net
*.safeharborcapitaladvisors.net
*.ww38.safeharborcapitaladvisors.net
trueteens.top
*.trueteens.top
*.poc.typingspace.com.au
typingspace.com.au
*.typingspace.com.au
*.ww25.typingspace.com.au
vetlink.solutions
*.vetlink.solutions
*.ww38.vetlink.solutions
*.app.walmwalmart.com
*.beta.walmwalmart.com
walmwalmart.com
*.walmwalmart.com
Other domains in certificate