Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=api.nima.codes
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 15, 2026
Valid Until
April 15, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
20:9C:00:C8:98:60:58:C2:4C:C0:2E:C1:6D:CA:A1:92:39:30:E7:FC:2B:A3:AB:94:39:99:C6:10:55:E2:27:6D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
gerald.sh
cv.gerald.sh
portfolio.gerald.sh
www.7treesinvestment.in
adsyncmedia.in
advertiroai.com
www.biancazephyr.com
khanakdentalclinic.bitkhanan.com
www.bkcentregas.com.br
admin.book4dance.com
sn13.cafexapp.com
www.celarius.com
rehtman.co.il
taxi123.co.il
aciincinerator.co.th
www.consultify-ai.com
auth.croissant-meets-coconut.com
whatsnext.daryanritul.in
dasastore.cl
deventzstudio.com
dooboo.io
go.droppii.vn
dungloe-equipment-hire.ie
www.dungloe-equipment-hire.ie
app.easyprocess.in
crm.dev.shelf.evtit.com
training.faircareplus.com
omnomconnectxmas.games235.com
get-experts-opinion.com
golidawayi.com
grpromoters.in
healthyfi.me
support.covid.helena.org
hydrocawach.com
test01.ircode.app
www.ivegtech.com
www.jamiatulkhair.org
www.jvtradenexus.com
maramon.knova.link
xn--ondej-kcb.kuk.la
l2jsaked.com.ar
www.liftexpo.es
likelilab.com
www.liturgicalapp.com
weather.livingacademy.org
livingwellherbalclinic.com
www.livingwellherbalclinic.com
url.manima.de
marden.in
www.marden.in
sms.mikrologic.com
mohamed-amoussa-dev.fr
mojestoisko.pl
www.muldong.com
laluarts.nawebb.com
admin.nexsus.in
api.nima.codes
basketball.nukta.pro
www.oddlier.org
demo.oleyn.org
onurtashan.com
caopgdr.orikami.nl
dev.part3.io
pgrams.io
wedding.phantranhongphuc.com
predape.com
www.quantumlabs-ai.com
quizandapp.com
rateacloud.com
www.scopify.com.br
archeus.seelay.in
portalsocioinnova.sgroneclick.com
www.portalsocioinnova.sgroneclick.com
mrkt.shiprocket.in
sinergiacci.net
registration.delbe.skipr.co
demo.spv.no
www.superfreshagro.com
secure.superpath.io
www.tathastugreens.in
taxcircle.in
theb3.studio
arcard.tribedemos.com
verify.trustlend.us
backend.tupulizie.com
whatdidtrumpsaytoday.com
dashboard.wifipublicitario.com
pet-universe.wiseutils.com
wyattwalker.me
xn--42cg6bq1c0as4ck8e8d.xn--o3cw4h
www.xn--910bt5dgz6b.com
xn--b1aqcl.net
qr.xn--elmnpolku-w2ab.fi
xn--fhlen-verstehen-gestalten-fwc.de
xn--jagrhr-duac.nu
auth.xn--mayho-ndb.com
xn--nnqt1l.xn--q9jyb4c
xn--no-sia.net
www.xn--sts-600okr.com
hotspot.ynriver.com
Other domains in certificate