Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=nattokinase.bio
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 18, 2025
Valid Until
March 18, 2026
43 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
8E:F5:D4:CE:EB:DD:D4:7B:BB:B8:AF:3D:7D:DE:F8:D0:59:E2:DD:E0:F4:C0:45:3C:69:74:96:98:46:2C:25:6B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
74 domains
convertfiles.online
*.convertfiles.online
*.api.convertfiles.online
*.random.convertfiles.online
*.ww7.convertfiles.online
4kuaixuexi.com
*.4kuaixuexi.com
brasiers.com
*.brasiers.com
*.random.brasiers.com
btcsaudiarabia.com
*.btcsaudiarabia.com
*.ci.btcsaudiarabia.com
*.pipeline.btcsaudiarabia.com
cuanwin138jackpot.click
*.cuanwin138jackpot.click
don.bio
*.don.bio
epicestonia.com
*.epicestonia.com
feelinglovegeo.site
*.feelinglovegeo.site
*.find.feelinglovegeo.site
freescatt3r2.click
*.freescatt3r2.click
*.m.freescatt3r2.click
graniteoaks.com
*.graniteoaks.com
*.random.graniteoaks.com
*.ww25.graniteoaks.com
*.ww31.graniteoaks.com
*.anaitwa.kijiji.au
kijiji.au
*.kijiji.au
*.unalisha.kijiji.au
*.wa.kijiji.au
*.wako.kijiji.au
*.ya.kijiji.au
*.download.lpod-project.org
lpod-project.org
*.lpod-project.org
mastertronics.co
*.mastertronics.co
mrharispetzone.com
*.mrharispetzone.com
*.ww25.mrharispetzone.com
nattokinase.bio
*.nattokinase.bio
*.rustore.nattokinase.bio
nessa.bio
*.nessa.bio
opuspublishing.com
*.opuspublishing.com
*.random.opuspublishing.com
plantesforkids.org
*.plantesforkids.org
*.random.plantesforkids.org
*.store.plantesforkids.org
*.ww38.plantesforkids.org
regalamemoria.com
*.regalamemoria.com
selfdrivingcar.cab
*.selfdrivingcar.cab
*.random.shanmobiles.com
shanmobiles.com
*.shanmobiles.com
spin805.click
*.spin805.click
wiscometalworks.com
*.wiscometalworks.com
xbr777.com
*.xbr777.com
zenytime.com
*.zenytime.com
Other domains in certificate