Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=virtualcanvasworks.digital
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 07, 2026
Valid Until
September 05, 2026
71 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CB:53:65:9F:79:59:B9:8E:00:2E:6A:0E:2A:C4:4E:FD:75:EE:C2:62:F0:1E:1E:2C:C2:AC:94:3C:35:1A:3B:12
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
tsyuteng.com
*.tsyuteng.com
artjara.com
*.artjara.com
*.www.artjara.com
*.39470c81-9395-4686-83f4-c9330d8f34be.buma.work
buma.work
*.buma.work
*.a.grossannualincome.info
*.e846d5c0-72c7-41b1-a2e4-d53b6ad52de8.grossannualincome.info
*.ewlodserver.grossannualincome.info
grossannualincome.info
*.grossannualincome.info
*.rustore.grossannualincome.info
*.vps.grossannualincome.info
*.app.kidzjourney.com
kidzjourney.com
*.kidzjourney.com
*.assets.paperchase.life
*.backup.paperchase.life
*.bbbbf3bb-ae8f-4d0d-bfdd-0c17e973df5a.paperchase.life
*.dashboard.paperchase.life
*.demo.paperchase.life
*.fmfwfmail.paperchase.life
*.klkahbackup.paperchase.life
*.mail.paperchase.life
*.mailer.paperchase.life
*.marketing.paperchase.life
*.members.paperchase.life
paperchase.life
*.paperchase.life
*.qa.paperchase.life
*.secure.paperchase.life
*.twcewmembers.paperchase.life
planetaortope.store
*.planetaortope.store
*.ww25.planetaortope.store
*.autoconfig.proimage.it
*.demo.proimage.it
*.email.proimage.it
proimage.it
*.proimage.it
*.ftp.sinidong4.click
sinidong4.click
*.sinidong4.click
*.img1-fg.sobay.com
sobay.com
*.sobay.com
*.random.sydneyferry.com.au
sydneyferry.com.au
*.sydneyferry.com.au
*.ww25.sydneyferry.com.au
*.imap.vestinte.xyz
*.mail.vestinte.xyz
*.mwxvhmailhost.vestinte.xyz
*.relay.vestinte.xyz
vestinte.xyz
*.vestinte.xyz
*.admin.virtualcanvasworks.digital
*.api.virtualcanvasworks.digital
*.app.virtualcanvasworks.digital
*.assets.virtualcanvasworks.digital
*.backup.virtualcanvasworks.digital
*.staging.virtualcanvasworks.digital
*.test.virtualcanvasworks.digital
*.uat.virtualcanvasworks.digital
virtualcanvasworks.digital
*.virtualcanvasworks.digital
*.webmail.virtualcanvasworks.digital
vopar.xyz
*.vopar.xyz
vulcan-kazino.monster
*.vulcan-kazino.monster
wdtu75g.top
*.wdtu75g.top
weddingcarenetwork.beauty
*.weddingcarenetwork.beauty
*.d.works.org.uk
*.learning.works.org.uk
*.participation.works.org.uk
works.org.uk
*.works.org.uk
yvjhv.my
*.yvjhv.my
yvskrqthe.cc
*.yvskrqthe.cc
yzkmr.my
*.yzkmr.my
zy8888.xyz
*.zy8888.xyz
Other domains in certificate