SSL Certificate Analysis for random.nrgapp.net - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=transaction.live

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 26, 2026

Valid Until

August 24, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2F:D6:20:98:42:A4:B0:10:7A:92:C6:74:03:9F:66:8C:92:DE:AB:EC:91:8F:2B:68:5D:09:A1:0B:61:2F:A8:FA

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

nrgapp.net *.nrgapp.net *.app.nrgapp.net *.random.nrgapp.net *.ww25.nrgapp.net

Other domains in certificate

00684.cc *.00684.cc

022557.com *.022557.com *.m.022557.com

0b39dbhtsv.sbs *.0b39dbhtsv.sbs

30v.cc *.30v.cc

317136.xyz *.317136.xyz

33585.co *.33585.co

8hlist.com *.8hlist.com *.cpanel.8hlist.com *.dev.8hlist.com *.globbing.8hlist.com

anecstry.com *.anecstry.com *.cms.anecstry.com *.lwww.anecstry.com *.random.anecstry.com *.rootsweb.anecstry.com *.ww17.anecstry.com

ax3.live *.ax3.live *.random.ax3.live *.www.ax3.live

*.admin.bewegungs.it *.api.bewegungs.it bewegungs.it *.bewegungs.it *.demo.bewegungs.it *.remote.bewegungs.it *.webmail.bewegungs.it

*.drama.kissasian.to *.hostmaster.kissasian.to kissasian.to *.kissasian.to *.m.kissasian.to *.new.kissasian.to *.w1.kissasian.to *.ww16.kissasian.to *.ww3.kissasian.to *.ww38.kissasian.to *.ww5.kissasian.to *.ww7.kissasian.to *.www.kissasian.to

*.admin.nihongo.it *.demo.nihongo.it nihongo.it *.nihongo.it *.staging.nihongo.it *.webmail.nihongo.it

obituary.com.gh *.obituary.com.gh

*.random.to-fa.com *.spf01.to-fa.com *.spf03.to-fa.com to-fa.com *.to-fa.com

*.aewealthmanagement.transaction.live *.api.transaction.live *.cach-rut-tien-sunwin-elx.transaction.live *.careers.transaction.live *.cdn.transaction.live *.cipcip.transaction.live *.client.transaction.live *.code.transaction.live *.dev.transaction.live *.dmz.transaction.live *.hostmaster.transaction.live *.ingress.transaction.live *.media.transaction.live *.stats.transaction.live transaction.live *.transaction.live *.vdib.transaction.live *.virtustore.transaction.live *.www1.transaction.live

*.chizzybeautybar.wwwwix.com *.coreyhrycuik.wwwwix.com wwwwix.com *.wwwwix.com