SSL Certificate Analysis for api.pikeys.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=mccamey.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 02, 2026

Valid Until

May 03, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

0D:67:AD:3F:6E:C3:41:87:C8:E5:3F:3D:09:AF:48:F5:C1:56:0A:06:94:67:23:84:25:AB:B0:69:FA:2B:75:12

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

pikeys.com *.pikeys.com *.api.pikeys.com *.ww16.pikeys.com

Other domains in certificate

78484.pizza *.78484.pizza

79773399.top *.79773399.top

7m48x5.shop *.7m48x5.shop

821812.top *.821812.top

85704.locker *.85704.locker

877308aa9.sbs *.877308aa9.sbs

99281.locker *.99281.locker

99601.one *.99601.one

9tz887.shop *.9tz887.shop

afroamericanos.com *.afroamericanos.com

babexpress.com *.babexpress.com

begartered.com *.begartered.com

childstrokesupport.com *.childstrokesupport.com *.ftp.childstrokesupport.com

cyq3y3k.cyou *.cyq3y3k.cyou

devilslaw.com *.devilslaw.com

futureinvestguide.cfd *.futureinvestguide.cfd

gourmetfoodguide.sbs *.gourmetfoodguide.sbs

huhr302.top *.huhr302.top

invest296114.icu *.invest296114.icu

justcantsaygoodbye.com *.justcantsaygoodbye.com

kppnsi.pro *.kppnsi.pro

ldcz222.info *.ldcz222.info

ldcz224.info *.ldcz224.info

logchippers.com *.logchippers.com *.mail.logchippers.com *.ww1.logchippers.com

*.apps.mccamey.com *.fortivpn.mccamey.com mccamey.com *.mccamey.com *.vpn1.mccamey.com

*.aeries.nmusd.com *.assets.nmusd.com nmusd.com *.nmusd.com

*.members.oldiez.com oldiez.com *.oldiez.com

partywank.com *.partywank.com

plastic-injection-852005837.click *.plastic-injection-852005837.click

*.mails.roulstone.com roulstone.com *.roulstone.com

russianyogurt.com *.russianyogurt.com

schulranzen-stuttgart.com *.schulranzen-stuttgart.com

thekrystalconcepts.com *.thekrystalconcepts.com

uuu5737.top *.uuu5737.top

*.apps.vernand.com *.staging.vernand.com vernand.com *.vernand.com

xr533.top *.xr533.top

xunai18.cn *.xunai18.cn