Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=pinnaclefinancered.info
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 08, 2026
Valid Until
May 09, 2026
85 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F5:99:D0:28:EF:EF:40:93:64:7E:A4:5A:78:D5:91:CB:73:F6:E6:80:5D:59:27:A8:AF:57:21:A7:48:F4:B0:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
hiremis.com
*.hiremis.com
elegancepg.pro
*.elegancepg.pro
elegantviolintop.com
*.elegantviolintop.com
emon77kiw.com
*.emon77kiw.com
erbzx.cc
*.erbzx.cc
globalizationempowertrade.my
*.globalizationempowertrade.my
gp26.top
*.gp26.top
grocerystore.info
*.grocerystore.info
heder.link
*.heder.link
herefootball.com
*.herefootball.com
hiredcrypto.com
*.hiredcrypto.com
j3dream.site
*.j3dream.site
jetskijogo.love
*.jetskijogo.love
kbc3989.cc
*.kbc3989.cc
kbetsports.info
*.kbetsports.info
lamp.institute
*.lamp.institute
marketingspec.site
*.marketingspec.site
marmuasi.com
*.marmuasi.com
massage-ph.click
*.massage-ph.click
mnpiaz.com
*.mnpiaz.com
naughtychiletaqueria.com
*.naughtychiletaqueria.com
ndserve.com
*.ndserve.com
nirwana88.games
*.nirwana88.games
peopleinthecity.it
*.peopleinthecity.it
pg925.cc
*.pg925.cc
phoenixarts.site
*.phoenixarts.site
pilb1p.shop
*.pilb1p.shop
pinnaclefinancered.info
*.pinnaclefinancered.info
premiumspins.site
*.premiumspins.site
qqbrbet.live
*.qqbrbet.live
rubythursdaycollective.com
*.rubythursdaycollective.com
sentimentexpert.com
*.sentimentexpert.com
seodaro.com
*.seodaro.com
seokuni.com
*.seokuni.com
seozumi.com
*.seozumi.com
sketchupolis.com
*.sketchupolis.com
slot988.online
*.slot988.online
smashthecrash.com
*.smashthecrash.com
spsptv.com
*.spsptv.com
taherauto.com
*.taherauto.com
textninja.io
*.textninja.io
thanasisolympus.com
*.thanasisolympus.com
theoutpostmall.com
*.theoutpostmall.com
tyabc.love
*.tyabc.love
uprytr.navy
*.uprytr.navy
Other domains in certificate