DNS Gurus
Cached · just now
85/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 42
AWS CloudFront logo AWS CloudFront Google Tag Manager logo Google Tag Manager Salesforce Cloud logo Salesforce Cloud Amplitude logo Amplitude Google Hosted Libraries logo Google Hosted Libraries Command AI logo Command AI Capterra logo Capterra Pendo logo Pendo Zapier logo Zapier DataTables logo DataTables Google DoubleClick logo Google DoubleClick AdRoll logo AdRoll Google Analytics logo Google Analytics Google Conversion Tracking logo Google Conversion Tracking Firebase logo Firebase Report URI logo Report URI Mixpanel logo Mixpanel Google Cloud Storage logo Google Cloud Storage Google Static File Front End logo Google Static File Front End Outbrain logo Outbrain Calendly logo Calendly Google Fonts logo Google Fonts Wistia logo Wistia LinkedIn logo LinkedIn Zendesk logo Zendesk Stripe logo Stripe Google Search logo Google Search BootstrapCDN logo BootstrapCDN Adobe Marketo logo Adobe Marketo Facebook logo Facebook Salesforce Sites logo Salesforce Sites Cloudflare CDNJS logo Cloudflare CDNJS AWS logo AWS jQuery logo jQuery AWS Certificate Manager logo AWS Certificate Manager Visual Website Optimizer logo Visual Website Optimizer Akamai logo Akamai Active incidents Intercom logo Intercom YouTube logo YouTube Font Awesome logo Font Awesome Sentry logo Sentry Google Cloud logo Google Cloud

Certificate Information

Subject
CN=asknice.ly
Issuer
C=US, O=Amazon, CN=Amazon RSA 2048 M04
Valid From
June 30, 2025
Valid Until
July 29, 2026 111 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E3:24:51:B0:FB:78:24:65:4E:98:97:D2:BE:35:88:EF:15:40:28:39:73:78:3B:2A:8A:4D:E0:D8:74:2E:5F:D4
Alternative Names
6 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
AWS CloudFront logo
Basic
default-src; script-src; style-src; +9 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Consider adding 'preload' to HSTS for maximum security
  • Improve CSP by adding more specific directives and removing 'unsafe-inline'
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports