DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=refineland.com
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 12, 2026
Valid Until
September 10, 2026 89 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
88:F9:E4:F3:92:85:15:E8:88:0B:25:29:40:74:B5:F8:2F:A8:65:D3:04:42:CD:61:89:E2:A5:A9:2B:D4:6B:F4
Alternative Names
87 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

87 domains
unionstack.com *.unionstack.com *.rd.unionstack.com *.rds.unionstack.com *.rdweb.unionstack.com *.www.unionstack.com

Other domains in certificate

*.g89kw.poknd.top *.j2zfz.poknd.top *.kp5po.poknd.top *.ks0v9.poknd.top *.kwid9.poknd.top *.lcjev.poknd.top *.nktjv.poknd.top *.o7p4x.poknd.top poknd.top *.poknd.top *.y6iui.poknd.top *.y9zz2.poknd.top *.z4r76.poknd.top *.zruod.poknd.top
*.1yme1.pqrsttu.top *.2194l.pqrsttu.top *.5jsd7.pqrsttu.top *.5vs9r.pqrsttu.top *.fcvkr.pqrsttu.top *.feew6.pqrsttu.top *.gjdvb.pqrsttu.top *.jyikv.pqrsttu.top *.me7q1.pqrsttu.top pqrsttu.top *.pqrsttu.top *.svzzq.pqrsttu.top *.z4gbs.pqrsttu.top
*.node.pre440.info pre440.info *.pre440.info
*.ad.refineland.com *.auto.refineland.com *.campus.refineland.com *.finance.refineland.com *.leling.refineland.com *.music.refineland.com refineland.com *.refineland.com *.tv.refineland.com
*.8-e61ddf5604ba.xn--6rt149e.com *.app.xn--6rt149e.com *.backup.xn--6rt149e.com *.blog.xn--6rt149e.com *.m.xn--6rt149e.com *.mail.xn--6rt149e.com *.mailer.xn--6rt149e.com *.qa.xn--6rt149e.com *.rd.xn--6rt149e.com *.rds.xn--6rt149e.com *.rdweb.xn--6rt149e.com *.tcwdexjg.xn--6rt149e.com *.tsuqfrdweb.xn--6rt149e.com *.uat.xn--6rt149e.com *.v2.xn--6rt149e.com *.web.xn--6rt149e.com *.www.xn--6rt149e.com xn--6rt149e.com *.xn--6rt149e.com
*.hao.xn--m7r710c.com *.m.xn--m7r710c.com *.rd.xn--m7r710c.com *.rds.xn--m7r710c.com *.rdweb.xn--m7r710c.com xn--m7r710c.com *.xn--m7r710c.com
*.adm.xn--ym1a97z.com *.ai.xn--ym1a97z.com *.app.xn--ym1a97z.com *.desktop.xn--ym1a97z.com *.dev.xn--ym1a97z.com *.gp.xn--ym1a97z.com *.members.xn--ym1a97z.com *.rd.xn--ym1a97z.com *.rdp.xn--ym1a97z.com *.remoto.xn--ym1a97z.com *.ts.xn--ym1a97z.com *.vdi.xn--ym1a97z.com *.vpn.xn--ym1a97z.com *.www.xn--ym1a97z.com xn--ym1a97z.com *.xn--ym1a97z.com