Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=nidovalle.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
October 30, 2025
Valid Until
January 28, 2026
49 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4B:AE:66:9C:76:B8:27:38:A4:C4:FA:48:0E:33:B9:5A:87:8E:8A:97:7C:AF:13:C7:F2:B1:2A:9D:8F:CD:54:04
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.artadys.com
getbaked.5loyalty.com
pimandek.ac.th
www.aduq.dev
mp3juices.africa.com
agcircle.in
farm.agrevolution.in
network.agrevolution.in
output.app.agrevolution.in
albert-sobreo.com
www.albert-sobreo.com
apps.alloagent.ai
alunoapplicado.com.br
anlys.in
app-shemoveswithai.org
autoshkolladigjitale.com
ark.beisance.com
www.bitofgaia.com
blazeandbarrel.us
tokens.bogged.finance
bottenger.com
www.bottenger.com
icon-test.bukalapak.design
www.cahera.com
carmelitasmensageiros.org
registrar.ceal.in
certdashboard.cloud
www.packandgotravel.co.th
coachtboxingandfitness.ca
propostapp.codebymister.com.br
deveshps.com.np
gauravmaharjan999.com.np
harunyolassitans.com.tr
turanacademy.com.tr
corralok.ar
crusoe.dog
csfsv.com
delanolourenco.xyz
www.delanolourenco.xyz
bguest.devs-core.com
dicecrackersoftware.com
fidelidade.drogariaslegitimatrindade.com.br
commit.droggol.com
space.emendat.io
fastways-logistics.com
www.fastways-logistics.com
federicomatovelle.com
app.ferroarmado.ai
devs.firmame.com
www.foxtrotcommand.com
fugioapp.com
gamecreator.io
freekick.games235.com
getbeesly.app
dashboard.globalgarner.com
test-repse.parquesnacionales.gov.co
hirolab.io
iampikaju.in.th
intstudydestination.com
www.itstrueorfalse.com
www.jibbob.com
www.jorongo.dev
langems.com
lienintoprofit.com
links.mandurahses.org.au
mosethethato.me
msvconstruction.co.za
myreflection.pl
dl.napbigo.com
nidovalle.com
redeem.olevels.com
penjual.id
phcconsultancy.com
un-0.ping12.click
mulch.pointabove.com.au
pornosnap.co.za
sms.provizit.com
releeva.store
rentgpt.net
www.restructuredfinance.com
rocketware.co.uk
newnormal.rotaract.social
shortpng.com
sigilfilm.com
smartbreak.net
www.splittab.me
supermercadomags.com.br
tblinks.tacobell.com
taketheleap.cl
thatshubham.com
thiswebapp.com
tilix.ai
tiltirig.com
www.tiltirig.com
wellbridge.ph
wifipass.tw
www.beta.xn--wielosowie-f0b.pl
illust.yasuworks.com
www.yukiosada.work
yukiosada.work
Other domains in certificate