SSL Certificate Analysis for navaaiapp.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=057737.loan

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 13, 2026

Valid Until

August 11, 2026 86 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C0:9C:18:4B:1F:25:CC:34:6E:A9:28:51:D7:C0:5D:64:E5:23:4F:0D:3C:4F:82:C9:38:49:45:FA:BF:A2:F3:D5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

navaaiapp.com *.navaaiapp.com

Other domains in certificate

057737.loan *.057737.loan

11559.my *.11559.my

11730.asia *.11730.asia

12713.loan *.12713.loan

17ongwin.cfd *.17ongwin.cfd

1950bet.bet *.1950bet.bet

202198ld.sbs *.202198ld.sbs

268262.sbs *.268262.sbs

32783.lgbt *.32783.lgbt

55jogar.top *.55jogar.top

55jogar1.top *.55jogar1.top

6353455.top *.6353455.top

6397.one *.6397.one

64030.co *.64030.co

663191.gdn *.663191.gdn

6666030a4.sbs *.6666030a4.sbs

66808.one *.66808.one

691540.blog *.691540.blog

71562.mobi *.71562.mobi

76322.lgbt *.76322.lgbt

90502.one *.90502.one

9999353a2.sbs *.9999353a2.sbs

9999353a3.sbs *.9999353a3.sbs

9999353a4.sbs *.9999353a4.sbs

9999353adh1.sbs *.9999353adh1.sbs

actuaweb.com *.actuaweb.com

animelikefinder.ru *.animelikefinder.ru

apppantero.pro *.apppantero.pro

arctyx.com *.arctyx.com

aset69ku.xyz *.aset69ku.xyz

atlesdomain.co *.atlesdomain.co

bad-credit-loan-hf8.click *.bad-credit-loan-hf8.click

bad-credit-personal-loans1.sbs *.bad-credit-personal-loans1.sbs

bbb-lsy07.art *.bbb-lsy07.art

bjkl-465rg-4rg-5r.com *.bjkl-465rg-4rg-5r.com

broadstreamconnect.sbs *.broadstreamconnect.sbs

broadviewinsight.info *.broadviewinsight.info

corporatecleangroup.com *.corporatecleangroup.com

cosmetic-filler-injections-8jqhl.click *.cosmetic-filler-injections-8jqhl.click

deluxefilms.com *.deluxefilms.com

navaagenticai.com *.navaagenticai.com

navaagenticai.one *.navaagenticai.one

navaai.net *.navaai.net

navaaiteam.com *.navaaiteam.com