DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt Active incidents

Certificate Information

Subject
CN=nsfy.org
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 20, 2026
Valid Until
September 18, 2026 84 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1C:A3:8C:71:8F:D8:C8:9E:BA:40:70:45:E1:E9:8E:37:3B:35:98:E4:10:C6:43:17:7C:57:16:5E:10:90:68:48
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
manchu.net *.manchu.net *.client.manchu.net *.connectvpn.manchu.net *.gateway.manchu.net *.login.manchu.net *.mobile.manchu.net *.office.manchu.net *.portal.manchu.net *.remoteaccess.manchu.net *.secureaccess.manchu.net *.sslvpn.manchu.net *.vpn2.manchu.net *.web.manchu.net *.webconnect.manchu.net *.webvpn.manchu.net *.www.manchu.net

Other domains in certificate

*.a.bekea.it.com bekea.it.com *.bekea.it.com
*.32.fadfid.vip fadfid.vip *.fadfid.vip
g8tv.com *.g8tv.com *.m.g8tv.com
*.ftp.greenapplecannabis.com greenapplecannabis.com *.greenapplecannabis.com *.m.greenapplecannabis.com
hootwifi.com *.hootwifi.com *.m.hootwifi.com
i5a.cc *.i5a.cc *.mp3.i5a.cc
*.m.mallowner.com mallowner.com *.mallowner.com *.portal.mallowner.com
*.m.manhattanmakeupartist.com manhattanmakeupartist.com *.manhattanmakeupartist.com
*.autodiscover.nft.bet *.hostmaster.nft.bet *.m.nft.bet *.mail.nft.bet nft.bet *.nft.bet *.webmail.nft.bet
*.m.ninjazo.com ninjazo.com *.ninjazo.com *.secure.ninjazo.com
*.m.nitromeet.com nitromeet.com *.nitromeet.com *.staging.nitromeet.com
*.m.nmdx.org nmdx.org *.nmdx.org
*.m.nsfy.org nsfy.org *.nsfy.org
*.m.plymouthcounty.org plymouthcounty.org *.plymouthcounty.org
*.m.proactivepolicy.org proactivepolicy.org *.proactivepolicy.org
*.m.quizfinanzas.com quizfinanzas.com *.quizfinanzas.com
*.m.rentanise.com rentanise.com *.rentanise.com
*.mpeiff.smilepath3535.info smilepath3535.info *.smilepath3535.info
*.hostmaster.snowboardingvr.com *.m.snowboardingvr.com snowboardingvr.com *.snowboardingvr.com
*.m.thea.bot thea.bot *.thea.bot
*.m.thebarleymill.com thebarleymill.com *.thebarleymill.com