DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=pixpremio.io
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 01, 2026
Valid Until
May 02, 2026 82 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DD:88:30:E5:0D:0E:83:5D:21:62:32:35:2E:C4:CA:C0:34:15:2A:84:FC:02:6F:6B:3D:3D:B1:34:36:F6:F1:63
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
msaad.com *.msaad.com *.ww25.msaad.com *.ww38.msaad.com

Other domains in certificate

ballejos.com *.ballejos.com *.vpn.ballejos.com *.webconnect.ballejos.com
ballsports.com *.ballsports.com *.ww25.ballsports.com
*.5.celinepg.com celinepg.com *.celinepg.com *.ww25.celinepg.com *.www.celinepg.com
taracounseling.co.in *.taracounseling.co.in *.ww38.taracounseling.co.in
*.dev.fixmystartup.com fixmystartup.com *.fixmystartup.com
*.dev.flechsig.com flechsig.com *.flechsig.com *.webmail.flechsig.com
haibe.com *.haibe.com *.ww1.haibe.com
illus.com *.illus.com *.remote.illus.com *.ww1.illus.com
*.2ersitz.loveyourartist.store *.806qm.loveyourartist.store *.btf.loveyourartist.store *.cafecentral.loveyourartist.store *.clubcann.loveyourartist.store *.danielsloss.loveyourartist.store *.dcks.loveyourartist.store *.derringer.loveyourartist.store *.dlfnova-pcf.loveyourartist.store *.fallenfortress.loveyourartist.store *.feinegesellschaft.loveyourartist.store *.fzw.loveyourartist.store *.hafen2.loveyourartist.store *.heavygermanshit.loveyourartist.store *.heppelettlich.loveyourartist.store *.hundreds.loveyourartist.store *.jazz-radebeul.loveyourartist.store *.jetztundimmer.loveyourartist.store *.juhawest.loveyourartist.store *.laing.loveyourartist.store *.listenloudgroup.loveyourartist.store loveyourartist.store *.loveyourartist.store *.maniorrason.loveyourartist.store *.meandmarie.loveyourartist.store *.merlin.loveyourartist.store *.musszo-booking.loveyourartist.store *.njoy-pcf.loveyourartist.store *.odd-couple.loveyourartist.store *.pabst.loveyourartist.store *.parksessions.loveyourartist.store *.pensionschmidt.loveyourartist.store *.popsecret.loveyourartist.store *.prachtwerk.loveyourartist.store *.roxyconcerts.loveyourartist.store *.schmutzki.loveyourartist.store *.seeyoutomorrow.loveyourartist.store *.sprechwerk.loveyourartist.store *.wallisbird.loveyourartist.store *.xjazz-radebeul.loveyourartist.store
monegros.com *.monegros.com *.wiki.monegros.com
muhli.com *.muhli.com *.vpn.muhli.com *.www.muhli.com
pixpremio.io *.pixpremio.io *.sms.pixpremio.io
*.gate.zingaretti.com *.hostmaster.zingaretti.com *.ravpn.zingaretti.com *.ssl.zingaretti.com *.ww25.zingaretti.com zingaretti.com *.zingaretti.com