Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=impactdetailing.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 21, 2026
Valid Until
July 20, 2026
33 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
35:D5:A1:E9:53:6E:50:1C:82:E4:43:85:70:49:81:29:37:FE:D0:95:1C:B4:4C:BF:0C:BA:D9:BC:F4:1F:5D:7B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
68 domains
munk.studio
*.munk.studio
1wingbola.xyz
*.1wingbola.xyz
*.mww12.1wingbola.xyz
*.ww12.1wingbola.xyz
*.www.1wingbola.xyz
clicktrack.click
*.clicktrack.click
detsad.me
*.detsad.me
dtctest.com
*.dtctest.com
exeterlasereyesurgeons.co.uk
*.exeterlasereyesurgeons.co.uk
firstpeopleofcanada.com
*.firstpeopleofcanada.com
futurebot.live
*.futurebot.live
ghanacommercialonlinebanking.com
*.ghanacommercialonlinebanking.com
gopatietco.com
*.gopatietco.com
*.random.gopatietco.com
igloohome.pro
*.igloohome.pro
impactdetailing.com
*.impactdetailing.com
*.vip.impactdetailing.com
*.ww1.impactdetailing.com
*.apply.jobs-2030.com
*.cards.jobs-2030.com
*.dw3.jobs-2030.com
*.eid.jobs-2030.com
jobs-2030.com
*.jobs-2030.com
*.match.jobs-2030.com
*.nc-ph-3114.jobs-2030.com
*.ocr.jobs-2030.com
*.server1.jobs-2030.com
*.test.jobs-2030.com
*.tlev.jobs-2030.com
lemousqueton.be
*.lemousqueton.be
orcra.life
*.orcra.life
permai4d6.click
*.permai4d6.click
projetgolden.fr
*.projetgolden.fr
qmoed.space
*.qmoed.space
raingen.de
*.raingen.de
ravellia.fr
*.ravellia.fr
royal378store.click
*.royal378store.click
*.random.shafa.live
shafa.live
*.shafa.live
tanktop.com.au
*.tanktop.com.au
*.samplesite.virtualwebhost.com.au
virtualwebhost.com.au
*.virtualwebhost.com.au
wunschgutaschein.de
*.wunschgutaschein.de
Other domains in certificate