Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=invalidov.net
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 27, 2026
Valid Until
April 27, 2026
88 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
48:B1:E3:A9:88:A6:03:37:46:2A:48:1D:7F:C1:89:60:C3:7B:A3:D0:B5:F6:C2:ED:5F:03:F2:42:5F:BC:D1:3E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
invalidov.net
*.invalidov.net
*.64f4b22a-cfcd-4ade-9eb3-d6bed6b3d62b.invalidov.net
*.abc.invalidov.net
*.access.invalidov.net
*.account.invalidov.net
*.anyconnect.invalidov.net
*.api.invalidov.net
*.apps.invalidov.net
*.autoconfig.invalidov.net
*.ci.invalidov.net
*.client.invalidov.net
*.cloudvpn.invalidov.net
*.cpanel.invalidov.net
*.cpcalendars.invalidov.net
*.cwp.invalidov.net
*.fortigate.invalidov.net
*.fortinet.invalidov.net
*.fortivpn.invalidov.net
*.gateway.invalidov.net
*.gbigvwwww.invalidov.net
*.gpt.invalidov.net
*.imap.invalidov.net
*.localhost.invalidov.net
*.mail6.invalidov.net
*.new.invalidov.net
*.news.invalidov.net
*.office.invalidov.net
*.portal.invalidov.net
*.postmaster.invalidov.net
*.qa.invalidov.net
*.rd.invalidov.net
*.relay.invalidov.net
*.remoteapp.invalidov.net
*.sitemap.invalidov.net
*.sitemaps.invalidov.net
*.ssl.invalidov.net
*.sso.invalidov.net
*.webapps.invalidov.net
*.webmail.invalidov.net
*.wildcard.invalidov.net
*.ww16.invalidov.net
*.ww38.invalidov.net
barqchain.com
*.barqchain.com
*.app.bigtitspornarchive.xyz
bigtitspornarchive.xyz
*.bigtitspornarchive.xyz
*.ww38.bigtitspornarchive.xyz
*.www.bigtitspornarchive.xyz
espnstarsport.com
*.espnstarsport.com
*.ww16.espnstarsport.com
*.ww17.espnstarsport.com
*.ww38.espnstarsport.com
febder.com
*.febder.com
*.helpdesk.febder.com
*.hostmaster.febder.com
*.play.febder.com
*.ww25.febder.com
*.ww38.febder.com
*.autoconfig.kupony.site
*.cpcontacts.kupony.site
*.ftp.kupony.site
kupony.site
*.kupony.site
*.webmail.kupony.site
*.www.kupony.site
*.123.shoumei.com
*.comune.shoumei.com
*.demo2.shoumei.com
*.gold.shoumei.com
*.learn.shoumei.com
*.mail.shoumei.com
*.media.shoumei.com
*.mm.shoumei.com
*.mobile.shoumei.com
*.no.shoumei.com
*.ns2.shoumei.com
*.ochiai.shoumei.com
*.online.shoumei.com
*.origin.shoumei.com
shoumei.com
*.shoumei.com
*.sms.shoumei.com
*.ww1.shoumei.com
*.ww25.shoumei.com
*.ww38.shoumei.com
*.xxx.shoumei.com
Other domains in certificate