DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=aidesoignante.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 01, 2026
Valid Until
May 02, 2026 80 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
50:BD:57:D7:87:F2:06:2D:E7:72:52:A0:17:61:29:1C:7F:BC:FD:CB:45:38:25:DD:66:25:7A:F2:9A:ED:72:1F
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
cavero.com *.cavero.com *.43tf.cavero.com

Other domains in certificate

aidesoignante.com *.aidesoignante.com *.ww16.aidesoignante.com
esmola.com *.esmola.com *.sitemaps.esmola.com
goodyer.com *.goodyer.com *.sslvpn.goodyer.com
miseducationblend.com *.miseducationblend.com
mxcsl.bid *.mxcsl.bid
vipfood.net.cn *.vipfood.net.cn
openadsgency-team.com *.openadsgency-team.com
panelmuslimin.org *.panelmuslimin.org
pcqtx.shop *.pcqtx.shop
phonehim.com *.phonehim.com
play-chrono-bastion.xyz *.play-chrono-bastion.xyz
play-raven-vista.xyz *.play-raven-vista.xyz
play-sonic-ridge.xyz *.play-sonic-ridge.xyz
puipanel.org *.puipanel.org
rebo2.com *.rebo2.com
rfvbg.gdn *.rfvbg.gdn
riddim.co *.riddim.co
sditpluitraya.org *.sditpluitraya.org
sdkristennasionalanglo.org *.sdkristennasionalanglo.org
securepensionsl.com *.securepensionsl.com
sjaxh.pro *.sjaxh.pro
spellsandamulets.net *.spellsandamulets.net
startup.fm *.startup.fm
stockpick.com.au *.stockpick.com.au
tarakanita4.org *.tarakanita4.org
tbilisirestaurant.com *.tbilisirestaurant.com
tbilisirestaurants.com *.tbilisirestaurants.com
theschoolofcoffeebeans.com *.theschoolofcoffeebeans.com
tinyliving.vip *.tinyliving.vip
trisulaperwari1.org *.trisulaperwari1.org
tryoutsimpliworks.com *.tryoutsimpliworks.com
ufa867.pro *.ufa867.pro
useclearlydata.com *.useclearlydata.com
viralposters.shop *.viralposters.shop
waaewv5.top *.waaewv5.top
weddingsdayplanning.beauty *.weddingsdayplanning.beauty
workgrowthpath.site *.workgrowthpath.site
xn--12cbau2g0az1h0b.com *.xn--12cbau2g0az1h0b.com
xn--oqqx32ipfh.com *.xn--oqqx32ipfh.com
xympz.bid *.xympz.bid
yoman188.com *.yoman188.com
zanzibar.yachts *.zanzibar.yachts