SSL Certificate Analysis for baisil.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 7

Formspree

Google Trust

Algolia

Google Analytics

Google Fonts

Google Tag Manager

jsDelivr

Certificate Information

Subject

CN=mapajidla.cz

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

March 29, 2026

Valid Until

June 27, 2026 50 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D3:D1:AC:90:70:02:E9:6E:2F:FE:49:5F:98:A6:E7:0F:83:EF:A8:4E:C8:F1:43:3E:F4:4A:39:C1:66:73:92:D2

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Good

default-src; script-src; style-src; +5 more Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

camera=(), microphone=(), geolocation=(); +1 more

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Strengthen CSP by removing 'unsafe-eval'

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

baisil.com

Other domains in certificate

4nsic.net

assetstud.io

benefcialenglish.com

www.billsne.ws

boendeserviciosinmobiliarios.com

admin.bondi-restaurant.com

callidusos.co.uk

calliecosourdough.com

portal.candidato-ai.com

mondial.cliquergsj.be

crowdhum.com

derman.company

drewtabor.com

app.dysgu.de

www.efes.fi

endata.ai www.endata.ai

farahculinaria.com.br

flavorquestrecipes.com

forgedcyclist.com

forgeddriver.com

app.getsavetra.com

getswippet.xyz

dapp.goaldex.org www.goaldex.org

groundtrack.club

gsp.capital

www.heysheep.sg

highku.app www.highku.app

hum.vote

hypeonloop.in

www.ibdaa.eu

inmobiliariahyperhouse.com

ivefe.co.uk

cu-custom-structures.jimmyking.dev gunsaw-weapon-creator.jimmyking.dev

www.josephkay.co.uk

kalcerapp.my.id

kaufleute-pruefung.de

admin.kirogrowth.com app.kirogrowth.com

laamssa.com

lexgestorpessoal.com.br

lexingtonairsystems.com

www.limesys.co.za

lite-plex.com

livingbyaurora.com

locion-termoactiva.com

longevitymeals.review

reversi.longocode.com

machupicchufreetours.travel

mapajidla.cz

maplelonestar.com

maxlite.company

mevrai.in

mirovia.ai

mirrorconcierge.com

myagora.app

neertechtechnologies.in www.neertechtechnologies.in

nursiqo.com

o3studio.oryxintel.com

pebblematcha.com www.pebblematcha.com

perranwellcapital.com.au

crm.petersterr.de

www.pluskpool.eu

smurfolution.popul-ar.com

meupesoideal.prsoft.app

qiratex.com

remdesign.fr

admin.rendeuai.com.br

rta-full.com

sgz-ag.ch

simonleviev.com

sowmitras.co.in

stepstyle.fit

stnorte.es

admin.strandoase-am-edersee.com strandoase-am-edersee.com

swingfitai.com www.swingfitai.com

tariq.om

techortree.in

the11thavenue.com

www.thelongbeachhandyman.com

timelesstongues.com www.timelesstongues.com

turnoclase.com

tyruss.com

vetibase.com

app.wemojave.co

www.willowcovecounselingslc.com

xetech.sg

www.yakitdgntakip.com

zafir-online.com

zeynepigneci.com

zilliox.ch