Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=xn--pigroupmekanika-n6c.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
November 22, 2025
Valid Until
February 20, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
05:35:28:4A:55:5C:B7:A3:31:8D:4C:A1:10:F0:E9:D0:63:13:2E:FE:98:53:8B:79:B6:FE:1F:29:54:09:BA:C5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
snbs.io
www.adhix11.com
manage.uat.aigens.com
mx1.console.aigens.com
flash.aiii.ai
iwifi.aiii.ai
msdth.aiii.ai
sakura.aiii.ai
v1.aiii.ai
apple-teams.live
api.basmo.app
beatrizcristinainteriores.com.br
app.bluecerts.fr
www.brightbeehives.com
apps.bwr.mx
datosndiya.cepiadet.org
link.cinaf.tv
xn--andegps-3za.com.py
dayful.app
intake-survey.deeplearning.ai
www.dhanlaxmienterprise.in
econnectx.in
www.econnectx.in
rocadelmar.elencantodesarrollos.mx
facili.li
farmkal.in
jenesis.fetch.ai
token-bridge.fetch.ai
deeplink.devfleetpay.fleetcor.com
api-dev.gamesheet.app
api-dev2.gamesheet.app
api2.gamesheet.app
dev.gamesheet.app
dev2.gamesheet.app
standings-dev.gamesheet.app
webhooks-staging.gamesheet.app
www.gamesheet.app
mobile.gampay.org
henkel-cosmetics.de
shippingform-test.henriwillig.com
writexy.hyo.dev
staging.inertiacosmetics.com
www.investmentlab.org
clipboard.kaiprince.xyz
stage.kaiprince.xyz
koreainsider.net
certificates.levitatestudios.in
liam.kiwi
screening4me.personal.lifebrand.life
nara.linx.live
auth.lnq.is
app.moises.ai
www.morganebbett.com
www.mrkilian.es
controle-eventos.nawebb.com
www.panjs.com
auth.playrush.io
www.pondyoceanadz.com
app.publibike.ch
rookie.quanscendence.com
royalenfield.pl
www.royalenfield.pl
track.rxoconnecthotfix.rxo.com
sbdev.me
smktridharma4bogor.sch.id
www.schneider-robin.de
www.scimej.com
shookr.nl
www.shookr.nl
app.siro.ai
shoes.slotendrecht.nl
explore.solent.ac.uk
s1-dev.sparkboard.app
designer.dev.studyu.health
accounts.sudokyou.org
sunflower.sunflower-of-courage.com
tauassistant.com
www.the-translit.com
thevelvet.in
togesports.in
malina.trautwig.de
www.tycoonhamlet.com
v6.unkai.cl
vaarchitects.in
www.vaarchitects.in
livechat-en.vnlp.ai
www.writexy.com
www.xn--brk-1na.no
www.xn--jorgeluispiarosales-53b.com
xn--lsogskriv-g3a.dk
xn--no-sia.eu
xn--nyq.jp
xn--o3cc6cxbc.com
xn--pigroupmekanika-n6c.com
xn--premoldao-x3a.com.br
www.xn--r8jdd1gyh0b.com
xn--sepspret-c0ac.se
xn--zckl5c8c3g.xn--tckwe
youthrive.in
zonasverdeslc.com
Other domains in certificate