SSL Certificate Analysis for server.canuckhosting.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=3ygjpy7zb7.top

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 04, 2026

Valid Until

August 02, 2026 72 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

97:5B:28:7C:12:45:47:F1:2B:1E:12:6E:F2:90:E9:F5:A1:FB:FB:6B:16:10:9B:99:71:4E:F4:AE:92:E6:97:8A

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

canuckhosting.com *.canuckhosting.com

Other domains in certificate

30515.win *.30515.win

3ygjpy7zb7.top *.3ygjpy7zb7.top

93ux.cc *.93ux.cc

artecrochet.info *.artecrochet.info *.bbs.artecrochet.info *.webmail.artecrochet.info

bs2web4.shop *.bs2web4.shop

cashflows.net *.cashflows.net

dressstore4.com *.dressstore4.com

epicwalls.com *.epicwalls.com

essencemediacom.digital *.essencemediacom.digital

hedgefund.co.kr *.hedgefund.co.kr

ira7.com *.ira7.com

kdyum.auction *.kdyum.auction

kintzen.com *.kintzen.com

kloty.auction *.kloty.auction

lara.baby *.lara.baby

mantles.top *.mantles.top

meritincome.com *.meritincome.com

mg5dsj9q.buzz *.mg5dsj9q.buzz

milestone.baby *.milestone.baby

milestonebook.baby *.milestonebook.baby

mobilnasplatkyprodluzniky-cz.sbs *.mobilnasplatkyprodluzniky-cz.sbs

mtwil.cfd *.mtwil.cfd

nanobyte.cafe *.nanobyte.cafe

neohub120.info *.neohub120.info

neural-pulsesphere.quest *.neural-pulsesphere.quest

nova-datagrid.quest *.nova-datagrid.quest

nxisf25168.xyz *.nxisf25168.xyz

omega-starlink.quest *.omega-starlink.quest

orbit-datawave.quest *.orbit-datawave.quest

pe.baby *.pe.baby

renteds.com *.renteds.com

solar-neuralnode.quest *.solar-neuralnode.quest

son789.top *.son789.top

stcryptocurrency.top *.stcryptocurrency.top

strayyo.com *.strayyo.com

tab.baby *.tab.baby

tapminer.org *.tapminer.org

tata-daewoo.co.kr *.tata-daewoo.co.kr

tech-starpulse.xyz *.tech-starpulse.xyz

up-2-date.top *.up-2-date.top

vegaswinestorage.com *.vegaswinestorage.com

xanthelorix.top *.xanthelorix.top

ysys322.xyz *.ysys322.xyz