DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=dominionational.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 03, 2026
Valid Until
May 04, 2026 82 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D2:A3:9D:94:62:90:F3:A4:E9:DB:44:EF:0A:B8:67:58:65:35:6A:F0:91:76:DD:63:30:5E:2F:69:31:43:87:86
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
vardiman.com *.vardiman.com *.ebay.vardiman.com

Other domains in certificate

aneti.com *.aneti.com *.concour.aneti.com *.ww1.aneti.com
awesomeauction.com *.awesomeauction.com *.sitemaps.awesomeauction.com *.www.awesomeauction.com
cerramientos.com *.cerramientos.com *.mail.cerramientos.com
*.admin.dalthorp.com dalthorp.com *.dalthorp.com
*.app.dominionational.com dominionational.com *.dominionational.com *.hostmaster.dominionational.com *.point32healthprovider.dominionational.com
napes.com *.napes.com *.uar5ta.napes.com
searchpartners.it *.searchpartners.it *.vpnapac.searchpartners.it
*.cisco.tasogare.com tasogare.com *.tasogare.com *.tudoem1news.tasogare.com *.wklondon.tasogare.com
trythelemonlight.com *.trythelemonlight.com
tyrrf.net *.tyrrf.net
tzcgbd.net *.tzcgbd.net
unsecondo.it *.unsecondo.it
vao11bet.app *.vao11bet.app
vip18677n.shop *.vip18677n.shop
vsfav.pro *.vsfav.pro
warte.it *.warte.it
*.ctklr.weadorehim.org *.holyfamily.weadorehim.org *.mobile.weadorehim.org *.olhsc.weadorehim.org *.seasfw.weadorehim.org *.stjoeshawnee.weadorehim.org weadorehim.org *.weadorehim.org
whitesky.it *.whitesky.it
whomp.it *.whomp.it
winesfromitaly.it *.winesfromitaly.it
*.es.woldenorchids.com *.gxqzmww25.woldenorchids.com *.mail.woldenorchids.com woldenorchids.com *.woldenorchids.com
workafter.it *.workafter.it
www222777.vip *.www222777.vip
xgbqie.net *.xgbqie.net
xn--fmr195at41b.com *.xn--fmr195at41b.com
xn--fmrv43bx11b.com *.xn--fmrv43bx11b.com
xphr6b.top *.xphr6b.top
yinheaa.pro *.yinheaa.pro
yzqgu.bid *.yzqgu.bid
zerobbs.net *.zerobbs.net
zgrbi.tv *.zgrbi.tv
zhaoav7.cloud *.zhaoav7.cloud