DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=nrd.world
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
January 13, 2026
Valid Until
April 13, 2026 62 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5A:F5:E2:9E:EF:40:DB:8A:77:DB:B2:F2:A0:AF:EA:B1:BC:7D:F1:B7:FC:A8:74:0B:C9:7A:F3:2A:69:BE:88:99
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
nrd.world *.nrd.world *.link.nrd.world *.test.nrd.world

Other domains in certificate

80x.xyz *.80x.xyz *.hostmaster.80x.xyz *.love.80x.xyz
aarati.me *.aarati.me
altadefiniozione.click *.altadefiniozione.click
apexcraftconstructioncompany.com *.apexcraftconstructioncompany.com
backpaintreatments268337.icu *.backpaintreatments268337.icu
bank-bridge.com *.bank-bridge.com
*.autoconfig.blog.discount blog.discount *.blog.discount *.hostmaster.blog.discount *.random.blog.discount
budgetdeal.au *.budgetdeal.au
codestorebd.xyz *.codestorebd.xyz
creditfense.com *.creditfense.com
datagrit.net *.datagrit.net
euwl.site *.euwl.site
fapc18.com *.fapc18.com
*.dev.gva3u.pro gva3u.pro *.gva3u.pro
*.fellowship.gvnfoundation.org gvnfoundation.org *.gvnfoundation.org *.hostmaster.gvnfoundation.org
jugloza.com *.jugloza.com
kidschannel.au *.kidschannel.au
kisuoe.com *.kisuoe.com
kivzapqak.com *.kivzapqak.com
ninjapromo.digital *.ninjapromo.digital
nyctd.com *.nyctd.com
onlineseterra.com *.onlineseterra.com *.ww38.onlineseterra.com
petic.com *.petic.com
pitbullterrier.org *.pitbullterrier.org *.random.pitbullterrier.org *.www.pitbullterrier.org
pitrex.pro *.pitrex.pro *.ww38.pitrex.pro *.www.pitrex.pro
publichouse-ga.com *.publichouse-ga.com *.test.publichouse-ga.com
*.mail.sawadikap20.click sawadikap20.click *.sawadikap20.click
*.com.server.party *.de.server.party *.dk.server.party *.fer.server.party *.lt.server.party *.se.server.party server.party *.server.party
supercomputer.com.au *.supercomputer.com.au
suplier.com *.suplier.com *.uber.suplier.com
tranport-parking-tickets-overdue.com *.tranport-parking-tickets-overdue.com
vetchoice.au *.vetchoice.au