Open
Cached
·
just now
81/100
SECURITY SCORE
Detected Technologies
AWS CloudFront
Let's Encrypt
Google AdSense
Google Tag Manager
Bing
G2
SurveyMonkey
Google Hosted Libraries
AppNexus (Xandr)
WordPress
Webflow
HubSpot Forms
Cookiebot
Capterra
HubSpot Feedback & Surveys
Google DoubleClick
AdRoll
Google Analytics
Microsoft Advertising
Google Conversion Tracking
Yoast
6sense
Greenhouse
Google API JS Client
Google Fonts
Level Access
Vidyard
Wistia
Hotjar
LinkedIn
ZoomInfo
Influ2
HubSpot Analytics
unpkg
Google Search
BootstrapCDN
Adobe Marketo
Demandbase
Qualified
Facebook
Amazon S3
AddEvent
Recruitics
AddToAny
Rollbar
Cloudflare CDNJS
jQuery
Visual Website Optimizer
Akamai
HubSpot
Intercom
Highcharts
YouTube
The Trade Desk
HubSpot Live Chat
Sentry
jsDelivr
Certificate Information
Subject
CN=levelaccess.com
Issuer
C=US, O=Let's Encrypt, CN=E7
Valid From
April 21, 2026
Valid Until
July 20, 2026
76 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
A7:20:55:4E:CC:0B:99:9D:CC:FF:3E:76:F9:89:AF:4E:6B:B2:5B:71:C9:38:33:E7:4F:32:2A:4E:A3:AF:BD:F5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
frame-ancestors; block-all-mixed-content; script-src; +12 more
Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 5 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts