Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=nir.net
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
March 29, 2026
Valid Until
June 27, 2026
33 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FD:28:3C:4E:F1:DA:6C:3B:97:59:E4:33:F0:C4:15:14:7F:CC:AB:CD:CC:DB:E2:7E:73:91:47:34:79:FB:2E:CC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
aflamfree.com
*.aflamfree.com
*.box.aflamfree.com
*.ffffffffffff.aflamfree.com
ballettalk.com
*.ballettalk.com
*.ww25.ballettalk.com
*.ww38.ballettalk.com
basementwindows.com
*.basementwindows.com
*.ww17.basementwindows.com
cfi.au
*.cfi.au
*.ww25.cfi.au
emagazines.co.uk
*.emagazines.co.uk
*.mobile.emagazines.co.uk
gwd.de
*.gwd.de
*.sub.gwd.de
*.ww25.gwd.de
*.hostmaster.iqoption.cm
iqoption.cm
*.iqoption.cm
javgay.co
*.javgay.co
*.webdisk.javgay.co
*.ww38.javgay.co
*.facebook.mizzenmain.com
*.hostmaster.mizzenmain.com
mizzenmain.com
*.mizzenmain.com
*.ww25.mizzenmain.com
*.bc.nir.net
*.bzh.nir.net
*.bzn.nir.net
*.colombia.nir.net
*.cssk.nir.net
*.deped.nir.net
*.fms.nir.net
*.fomart.nir.net
*.hmk.nir.net
*.isr.nir.net
*.nca-suitengu2.nir.net
nir.net
*.nir.net
*.ots.nir.net
*.pro.nir.net
*.s-k-w.nir.net
*.sh-fm.nir.net
*.shintoshin.nir.net
*.sip.nir.net
*.sore.nir.net
*.swt.nir.net
*.u.nir.net
*.ufn.nir.net
*.vcy.nir.net
*.wildcard.nir.net
*.ww16.nir.net
*.ww38.nir.net
pg88win.com
*.pg88win.com
*.wallet.pg88win.com
scotiabamk.com
*.scotiabamk.com
*.scotiaonline.scotiabamk.com
*.ww17.scotiabamk.com
*.ww25.scotiabamk.com
*.ww38.scotiabamk.com
tonya.com.au
*.tonya.com.au
tradition.is
*.tradition.is
tuhsy.com
*.tuhsy.com
wcwl.org
*.wcwl.org
*.guide.windowsfileopener.com
*.hostmaster.windowsfileopener.com
*.server.windowsfileopener.com
*.shop.windowsfileopener.com
*.store.windowsfileopener.com
windowsfileopener.com
*.windowsfileopener.com
*.ww38.windowsfileopener.com
*.www.windowsfileopener.com
winelabelbetter.com
*.winelabelbetter.com
*.ww25.winelabelbetter.com
*.ww38.winelabelbetter.com
Other domains in certificate