DNS Gurus
Cached · just now
80/100 SECURITY SCORE

Certificate Information

Subject
CN=www.balsambayoutfitters.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
November 22, 2025
Valid Until
February 20, 2026 53 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A7:5D:8B:B6:E4:A4:6E:95:18:EB:A2:DC:0C:9C:BE:06:45:BE:BE:8C:A0:1A:59:28:AA:5D:55:64:A6:31:20:68
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Configured (Restricts certificate issuance)
Current Issuer
Authorized (Matches CAA policy)
Authorized CAs
letsencrypt.org
Recommendations
  • Consider using critical flag (flags=128) for stricter CAA enforcement
  • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
  • Consider adding 'issuewild' records to control wildcard certificate issuance

Subject Alternative Names

100 domains
writexy.com

Other domains in certificate

9quadrinhos.com
adhix11.com
agendafacilcliente.com
www.aicommunity.dev
auth.aiexplorerapp.com
jcr.console.aigens.com
frontdesk.aiii.ai organonth-url.aiii.ai
ambbyte.com.br www.ambbyte.com.br
www.amipreorder.com
www.autoshkolladigjitale.com
auxcorde.com
auth.broad-bull.avasecurity.com
b312studio.com
www.balsambayoutfitters.com
card.bitkhanan.com
mt.bitmark.com
brandeablestudio.com
platform.caplight.com
admin.cgodev.com
admin-legal.coconala.com user-dev.legal.coconala.com
cox-lvub2.cox2m.com
barnamaj.danacommittee.com
dashfinanceapp.com
dev.tube
developyourmind.app
www.doyouknow.today
droneflyzones.com
dwoth.com
www.elrespetoserespira.com
auth.emitickets.com
app.equevu.com
prepaid.etralis.com
www.exploreverge.com
api-doc.filio.io
forget-me-not.app www.forget-me-not.app
globeaccesssolutions.com
khmerenterprise.gov.kh
greenburghcorruption.com
hamadjamal.com
data.humanrightsmeasurement.org
www.inspedium.email
staging.instigate.ai
wire.io-fund.com
mcpanel.istiakrahman.com
admin.karfi.co
keepitech.com
app.koyonation.com
lootpe.com
login.meubaba.com
www.mimievents.co.za
backoffice.move-globally.com
brands.nativelayer.ai dev.nativelayer.ai
nduduzo.com
ninjapower.co
familiaeamigos.nos.pt tecmais.nos.pt
omerfarukorhan.com
playbosspoker.com
quantumlabs-ai.com
mta-sts.r42.ch
stage-tickets.rct.uk
mta-sts.rsbg.ch
connect-ng-carrier-assigned-loads.rxoconnectdevint.rxo.com
enedis-homologation-square-sense.s2.app
www.simpliweather.com
auth.sobrecupos.app
ar-stage2.sunflower-of-courage.com ar-stage3.sunflower-of-courage.com stage1.sunflower-of-courage.com stage2.sunflower-of-courage.com stage3.sunflower-of-courage.com
syncvo.com
talentosit.app
www.thesushibarmyanmar.com
topdownsrl.com
www.laembajada.tur.ar
demo-admin.unbiased.ml
web.unkai.cl
admin-staging.vnlp.ai dashboard.rtm.vnlp.ai labelbox-dev.vnlp.ai livechat-mb.vnlp.ai va-dev.vnlp.ai va-en.vnlp.ai va-vpb.vnlp.ai
europawakosta.vrtnws.be
bpm.waffle.city
watchsoc.ca
staging.atwi-fr.webedia.tech staging.atwi-mx.webedia.tech
wevegotcancer.com
xn--daysblg-5c9qzc.app
pilot.youtranslate.bible
app.zloviewer.dev