Security Score: 83/100
Certificate Information
Subject: CN=api.nima.codes
Issuer: C=US, O=Let's Encrypt, CN=R12
Valid From: January 15, 2026
Valid Until: April 15, 2026 (86 days)
Public Key: RSA, 2048 bit (Adequate)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: 20:9C:00:C8:98:60:58:C2:4C:C0:2E:C1:6D:CA:A1:92:39:30:E7:FC:2B:A3:AB:94:39:99:C6:10:55:E2:27:6D
Alternative Names
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers
Strict-Transport-Security: Present (max-age=31556926)
Content-Security-Policy: Basic (default-src; script-src; style-src; +13 more)
default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' blob: https://beacon-v2.helpscout.net https://cdn.jsdelivr.net https://cdn.sheetjs.com https://www.gstatic.com https://www.google.com https://www.google-analytics.com https://www.googletagmanager.com https://app.logrocket.com https://cdn.logrocket.io https://cdn.logr-ingest.com https://js.userpilot.io https://js.userpilot.com https://cdn.userpilot.io https://cdn.userpilot.com https://*.firebaseio.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://cdn.sheetjs.com; font-src 'self' data: blob: https://fonts.gstatic.com https://cdn.sheetjs.com; img-src 'self' data: blob: https://firebasestorage.googleapis.com https://storage.googleapis.com https://www.google-analytics.com https://www.googletagmanager.com https://app.logrocket.com https://cdn.logrocket.io https://js.userpilot.io https://js.userpilot.com https://cdn.userpilot.io https://cdn.userpilot.com https://uploads.userpilot.io https://beacon-v2.helpscout.net https://d33v4339jhl8k0.cloudfront.net https://cdn.loom.com; connect-src 'self' data: https://*.firebaseapp.com https://*.firebaseio.com https://*.googleapis.com https://*.gstatic.com https://*.google.com https://*.part3.io https://*.part3.ca https://sandbox.procore.com https://app.procore.com https://beacon-v2.helpscout.net https://*.helpscout.net https://app.logrocket.com https://cdn.logrocket.io https://*.logr-ingest.com https://*.cloudfront.net https://*.userpilot.io https://*.userpilot.com https://js.userpilot.io https://js.userpilot.com https://cdn.userpilot.io https://cdn.userpilot.com https://www.google-analytics.com https://www.googletagmanager.com https://cdn.sheetjs.com https://www.pdftron.com https://pws-collect.pdftron.com https://proxy.pdftron.com wss://*.firebaseapp.com wss://*.firebaseio.com wss://*.userpilot.io wss://*.userpilot.com; object-src 'none'; media-src 'self' blob:; frame-src 'self' https://*.part3.io https://*.part3.ca https://www.google.com https://*.google.com https://*.firebaseio.com; frame-ancestors 'self' https://*.part3.io https://*.part3.ca; manifest-src 'self' https://dev.part3.ca https://dev.part3.io https://app.part3.ca https://app.part3.io; worker-src 'self' blob:; child-src 'self' blob:; form-action 'self'; base-uri 'self'; upgrade-insecure-requests;
X-Frame-Options: Missing (Not configured)
X-Content-Type-Options: Good (nosniff)
Referrer-Policy: Missing (Not configured)
Permissions-Policy: Missing (Not configured)
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Improve CSP by adding more specific directives and removing 'unsafe-inline'
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains