Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=lionx.xyz
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 21, 2026
Valid Until
July 20, 2026
60 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5B:8C:2E:7C:EB:AA:B6:CE:04:14:AB:DD:83:2C:EC:2C:A0:55:68:BE:98:AA:50:D6:A0:C7:05:59:82:07:2E:19
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
trimble.co
*.trimble.co
*.accounts.trimble.co
*.agriculture.trimble.co
*.ai.trimble.co
*.api.trimble.co
*.b2w.trimble.co
*.connect.trimble.co
*.emails.trimble.co
*.forestry.trimble.co
*.geospatial.trimble.co
*.id.trimble.co
*.mep.trimble.co
*.metrics.trimble.co
*.my.trimble.co
*.profile.trimble.co
*.projectsightapp.trimble.co
*.sitecapture.trimble.co
*.sketchup.trimble.co
*.transportation.trimble.co
*.xchange.trimble.co
*.admin.alonzo.it
alonzo.it
*.alonzo.it
*.analytic.alonzo.it
*.app.alonzo.it
*.backend.alonzo.it
*.dashboard.alonzo.it
*.demo.alonzo.it
*.dev.alonzo.it
*.intelligence.alonzo.it
*.superset.alonzo.it
*.1802e415-b3d4-4fa5-8ed9-15c15825aa07.jesus.hiphop
*.app.jesus.hiphop
*.autodiscover.jesus.hiphop
*.cliente.jesus.hiphop
*.d3b038a8-c90f-4224-9edd-b3c8df24a12b.jesus.hiphop
*.dev.jesus.hiphop
*.homologacao.jesus.hiphop
jesus.hiphop
*.jesus.hiphop
*.media.jesus.hiphop
*.nkzcwapp.jesus.hiphop
*.payment.jesus.hiphop
*.status.jesus.hiphop
*.utkghsro.jesus.hiphop
*.d.lionx.xyz
lionx.xyz
*.lionx.xyz
magicyes.com
*.magicyes.com
*.mail.magicyes.com
*.mx.magicyes.com
*.cc.pgrdb.fo
pgrdb.fo
*.pgrdb.fo
*.game.pgxbet888.bet
*.mail.pgxbet888.bet
pgxbet888.bet
*.pgxbet888.bet
*.ww25.pgxbet888.bet
*.ww38.pgxbet888.bet
*.www.pgxbet888.bet
restaurantsopenonnewyearseve.com
*.restaurantsopenonnewyearseve.com
*.sitemaps.restaurantsopenonnewyearseve.com
*.1.solarmovies.id
solarmovies.id
*.solarmovies.id
*.ww1.solarmovies.id
*.www2.solarmovies.id
*.demo.sprotsshoes.com
*.mobile.sprotsshoes.com
*.shop.sprotsshoes.com
sprotsshoes.com
*.sprotsshoes.com
*.api.waterfrontnet.com
*.dev.waterfrontnet.com
*.intranet.waterfrontnet.com
*.mail.waterfrontnet.com
*.members.waterfrontnet.com
*.shop.waterfrontnet.com
*.test.waterfrontnet.com
waterfrontnet.com
*.waterfrontnet.com
*.webdisk.waterfrontnet.com
*.hostmaster.xn--fhqz91ccsre8d.com
xn--fhqz91ccsre8d.com
*.xn--fhqz91ccsre8d.com
Other domains in certificate