DNS Gurus
Cached · just now
78/100 SECURITY SCORE

Certificate Information

Subject
CN=xn--pigroupmekanika-n6c.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
November 22, 2025
Valid Until
February 20, 2026 56 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
05:35:28:4A:55:5C:B7:A3:31:8D:4C:A1:10:F0:E9:D0:63:13:2E:FE:98:53:8B:79:B6:FE:1F:29:54:09:BA:C5
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Significantly strengthen CSP directives
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
deeplink.devfleetpay.fleetcor.com

Other domains in certificate

www.adhix11.com
manage.uat.aigens.com mx1.console.aigens.com
flash.aiii.ai iwifi.aiii.ai msdth.aiii.ai sakura.aiii.ai v1.aiii.ai
apple-teams.live
api.basmo.app
beatrizcristinainteriores.com.br
app.bluecerts.fr
www.brightbeehives.com
apps.bwr.mx
datosndiya.cepiadet.org
link.cinaf.tv
xn--andegps-3za.com.py
dayful.app
intake-survey.deeplearning.ai
www.dhanlaxmienterprise.in
econnectx.in www.econnectx.in
rocadelmar.elencantodesarrollos.mx
facili.li
farmkal.in
jenesis.fetch.ai token-bridge.fetch.ai
api-dev.gamesheet.app api-dev2.gamesheet.app api2.gamesheet.app dev.gamesheet.app dev2.gamesheet.app standings-dev.gamesheet.app webhooks-staging.gamesheet.app www.gamesheet.app
mobile.gampay.org
henkel-cosmetics.de
shippingform-test.henriwillig.com
writexy.hyo.dev
staging.inertiacosmetics.com
www.investmentlab.org
clipboard.kaiprince.xyz stage.kaiprince.xyz
koreainsider.net
certificates.levitatestudios.in
liam.kiwi
screening4me.personal.lifebrand.life
nara.linx.live
auth.lnq.is
app.moises.ai
www.morganebbett.com
www.mrkilian.es
controle-eventos.nawebb.com
www.panjs.com
auth.playrush.io
www.pondyoceanadz.com
app.publibike.ch
rookie.quanscendence.com
royalenfield.pl www.royalenfield.pl
track.rxoconnecthotfix.rxo.com
sbdev.me
smktridharma4bogor.sch.id
www.schneider-robin.de
www.scimej.com
shookr.nl www.shookr.nl
app.siro.ai
shoes.slotendrecht.nl
snbs.io
explore.solent.ac.uk
s1-dev.sparkboard.app
designer.dev.studyu.health
accounts.sudokyou.org
sunflower.sunflower-of-courage.com
tauassistant.com
www.the-translit.com
thevelvet.in
togesports.in
malina.trautwig.de
www.tycoonhamlet.com
v6.unkai.cl
vaarchitects.in www.vaarchitects.in
livechat-en.vnlp.ai
www.writexy.com
www.xn--brk-1na.no
www.xn--jorgeluispiarosales-53b.com
xn--lsogskriv-g3a.dk
xn--no-sia.eu
xn--nyq.jp
xn--o3cc6cxbc.com
xn--pigroupmekanika-n6c.com
xn--premoldao-x3a.com.br
www.xn--r8jdd1gyh0b.com
xn--sepspret-c0ac.se
xn--zckl5c8c3g.xn--tckwe
youthrive.in
zonasverdeslc.com