Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=fidelityi.com
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 17, 2026
Valid Until
September 15, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
40:BC:D1:4B:FA:6E:A3:85:7E:F4:24:DB:1E:76:81:BE:A6:E4:24:28:0E:8B:E9:5D:E1:20:10:58:B6:42:1D:5E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
fidelityi.com
*.fidelityi.com
*.1okk8bcofs.fidelityi.com
*.admin.fidelityi.com
*.app.fidelityi.com
*.beta.fidelityi.com
*.chat.fidelityi.com
*.ci.fidelityi.com
*.cicd.fidelityi.com
*.crm.fidelityi.com
*.demo.fidelityi.com
*.en.fidelityi.com
*.fic00dt0lk1ra1ms.fidelityi.com
*.integration.fidelityi.com
*.jenkins.fidelityi.com
*.mail.fidelityi.com
*.pda.fidelityi.com
*.random.fidelityi.com
*.store.fidelityi.com
*.test.fidelityi.com
*.ww16.fidelityi.com
*.ww25.fidelityi.com
*.ww38.fidelityi.com
camiguintourismassociation.com
*.camiguintourismassociation.com
*.sitemaps.camiguintourismassociation.com
josvaicar.eu
*.josvaicar.eu
*.ww38.josvaicar.eu
kraft.network
*.kraft.network
kuiaq.bid
*.kuiaq.bid
lilyleedsbrand.com
*.lilyleedsbrand.com
lokerbumn.co
*.lokerbumn.co
*.aaron.potomaccrossfit.com
*.brian.potomaccrossfit.com
*.challenge.potomaccrossfit.com
*.com.potomaccrossfit.com
*.competition.potomaccrossfit.com
*.endurance.potomaccrossfit.com
*.enicfkr.potomaccrossfit.com
*.fcxrmqy.potomaccrossfit.com
*.fgb2015.potomaccrossfit.com
*.foundations.potomaccrossfit.com
*.games.potomaccrossfit.com
*.gettingstarted.potomaccrossfit.com
*.mail.potomaccrossfit.com
potomaccrossfit.com
*.potomaccrossfit.com
*.secureimap.potomaccrossfit.com
*.server.potomaccrossfit.com
*.zgntupj.potomaccrossfit.com
premiosdehoje.com
*.premiosdehoje.com
pruvia.co
*.pruvia.co
qdyingshi.com
*.qdyingshi.com
r117.cc
*.r117.cc
rhodyoysters.co
*.rhodyoysters.co
rqp2nk.cyou
*.rqp2nk.cyou
sheleftandshesnotcomingbackanditsallyourfault.co
*.sheleftandshesnotcomingbackanditsallyourfault.co
shopmrbeast.co
*.shopmrbeast.co
skbusinesssolutions.co
*.skbusinesssolutions.co
smartech.live
*.smartech.live
spankwire.co
*.spankwire.co
spinempire.xyz
*.spinempire.xyz
srlzj.love
*.srlzj.love
*.blog.vavadaf37.fun
*.dfgicniujsadmin.vavadaf37.fun
vavadaf37.fun
*.vavadaf37.fun
*.wwwadmin.vavadaf37.fun
*.wwwm.vavadaf37.fun
*.www.xn--fhq57bz06ahsz.com
xn--fhq57bz06ahsz.com
*.xn--fhq57bz06ahsz.com
Other domains in certificate