SSL Certificate Analysis for influitive.com - Security Grade & TLS Configuration | DNS Gurus

Open Cached · just now

88/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 60

Google Tag Manager

AppNexus (Xandr) Active incidents

Liveramp Active incidents

Advertising.com

Google DoubleClick

Google Analytics

Google Conversion Tracking

Basis Technologies

Google Static File Front End

HubSpot Analytics

DigitalOcean Spaces

Rubicon Project

Google Optimize

HubSpot Live Chat

Certificate Information

Subject

CN=influitive.com

Issuer

C=US, O=Let's Encrypt, CN=E7

Valid From

March 02, 2026

Valid Until

May 31, 2026 33 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

ECDSA-SHA384

SHA-256 Fingerprint

20:B8:A1:36:D6:F4:36:FE:F0:C1:37:A1:EC:B6:F4:E1:AD:7D:AA:05:79:60:F1:EA:12:08:73:4D:FE:48:05:50

Alternative Names

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=63072000

Content-Security-Policy

Basic

default-src; script-src; style-src; +6 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Present

private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

CAA Records (Certificate Authority Authorization)

CAA Records

Configured (Restricts certificate issuance)

Current Issuer

Authorized (Matches CAA policy)

Authorized CAs

amazontrust.com awstrust.com digicert.com letsencrypt.org amazon.com amazonaws.com

Recommendations

• Consider using critical flag (flags=128) for stricter CAA enforcement
• You have authorized 6 CAs - consider limiting to only the CAs you actively use
• Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
• Consider adding 'issuewild' records to control wildcard certificate issuance

Subject Alternative Names

1 domain

influitive.com