SSL Certificate Analysis for appichi.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=112314.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 19, 2026

Valid Until

May 20, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

93:ED:1D:66:8A:C0:2C:D2:C3:1F:52:42:35:AB:22:DB:D4:9D:15:F0:FA:CD:78:84:2C:B4:B7:9B:AE:D7:B5:17

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

appichi.com *.appichi.com

Other domains in certificate

112314.com *.112314.com

4800kkk.im *.4800kkk.im

4800mmm.im *.4800mmm.im

4800nnn.im *.4800nnn.im

4800ppp.im *.4800ppp.im

4am.studio *.4am.studio

53ir.com *.53ir.com

855331a0.buzz *.855331a0.buzz

863263.cc *.863263.cc

872882.vip *.872882.vip

999yesci.xyz *.999yesci.xyz

a093jwm.top *.a093jwm.top

balloo.sbs *.balloo.sbs

barstoolsplus.com.au *.barstoolsplus.com.au

bigg.live *.bigg.live

boardai.com *.boardai.com

brandsocialplug.com *.brandsocialplug.com

buyitaliancharmbracelet.com *.buyitaliancharmbracelet.com

calaveritas.com *.calaveritas.com

ccg.solutions *.ccg.solutions

civilsensor.com *.civilsensor.com

corteiz.xyz *.corteiz.xyz

cybersecurity-services126634.icu *.cybersecurity-services126634.icu

damas.me *.damas.me

diodmk.bid *.diodmk.bid

download.pink *.download.pink

e5425662.vip *.e5425662.vip

elitewizard957.top *.elitewizard957.top

elmnt.bid *.elmnt.bid

epithymies.gr *.epithymies.gr

equinexo.com *.equinexo.com

fileandish.ir *.fileandish.ir

aero88blog.it.com *.aero88blog.it.com thebigwaaagh.it.com *.thebigwaaagh.it.com

mederma.online *.mederma.online

sportswebonline.com *.sportswebonline.com

sqfye.bid *.sqfye.bid

staceyparshalljensen.com *.staceyparshalljensen.com

stonemason.xyz *.stonemason.xyz

tdagc.bid *.tdagc.bid

trustearnxzz.digital *.trustearnxzz.digital

ug808-8.cfd *.ug808-8.cfd

ukumntd.top *.ukumntd.top

vidyabharati.org *.vidyabharati.org