DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=toniojewelry.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 10, 2026
Valid Until
May 11, 2026 88 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FF:06:3C:0B:FB:FB:B3:BF:B5:EB:A1:05:52:4B:12:6D:D3:3F:E2:44:4F:23:C1:0C:32:3E:E2:9E:E4:30:6A:AD
Alternative Names
88 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains
buscalos.com *.buscalos.com *.sitemaps.buscalos.com *.wiki.buscalos.com *.ww11.buscalos.com

Other domains in certificate

*.348ed870-876c-4004-b381-4faac26d28c8.alo789.blue *.accounts.alo789.blue alo789.blue *.alo789.blue *.hostmaster.alo789.blue *.portal.alo789.blue *.shop.alo789.blue *.sitemaps.alo789.blue
analrape.com *.analrape.com *.outlook.analrape.com
*.2a354359-8e38-494a-a6c5-97d60cdd9b76.cashflowroom.com *.assets.cashflowroom.com *.atendimento.cashflowroom.com *.beta.cashflowroom.com *.blog.cashflowroom.com cashflowroom.com *.cashflowroom.com *.dashboard.cashflowroom.com *.osqgoqa.cashflowroom.com *.pay.cashflowroom.com *.secure.cashflowroom.com *.shop.cashflowroom.com *.staging.cashflowroom.com *.stg.cashflowroom.com *.support.cashflowroom.com *.uat.cashflowroom.com *.v2.cashflowroom.com *.vpn.cashflowroom.com *.web.cashflowroom.com *.webmail.cashflowroom.com *.www.cashflowroom.com
*.api.checkid.net checkid.net *.checkid.net *.dev.checkid.net *.vpn.checkid.net
javdin.com *.javdin.com
keymasteryakima.com *.keymasteryakima.com
*.5422c077-5fd3-4770-be08-7c8977b64668.min88mega.college *.api.min88mega.college min88mega.college *.min88mega.college *.test.min88mega.college
pinjam-tunai.com *.pinjam-tunai.com
right.black *.right.black
searchzscripture.com *.searchzscripture.com
*.clayregazzoni.sportline.it sportline.it *.sportline.it
*.blog.stoptheseizures.org *.dev.stoptheseizures.org *.m.stoptheseizures.org stoptheseizures.org *.stoptheseizures.org *.test.stoptheseizures.org *.webmail.stoptheseizures.org *.wwww.stoptheseizures.org
toniojewelry.com *.toniojewelry.com *.ww25.toniojewelry.com
*.541e70a8-1aef-4689-a3bb-ce92ef002369.top10bahis.com *.adobe.top10bahis.com *.client.top10bahis.com *.m.top10bahis.com *.portal.top10bahis.com *.rd.top10bahis.com *.rds.top10bahis.com *.rdweb.top10bahis.com top10bahis.com *.top10bahis.com *.www.top10bahis.com
*.mail.ug-cabal.online ug-cabal.online *.ug-cabal.online *.www.ug-cabal.online
zyvaepoch.com *.zyvaepoch.com