DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Certificate Information

Subject
CN=oharascholar.co.uk
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 24, 2025
Valid Until
March 24, 2026 40 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AC:BC:C0:76:B1:9F:3E:B7:B1:19:C5:0D:B4:E0:F5:5B:E1:0D:5C:30:53:42:86:91:8D:E8:84:CB:88:D8:7D:56
Alternative Names
78 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

78 domains
upto-down.com *.upto-down.com *.en.upto-down.com

Other domains in certificate

2zt8zij.cc *.2zt8zij.cc *.z.2zt8zij.cc
brassbeat.at *.brassbeat.at
czzea.com *.czzea.com *.ww16.czzea.com *.ww17.czzea.com *.ww38.czzea.com
lpngraphy.be *.lpngraphy.be
momenttrend.com *.momenttrend.com
myjustenergy.com *.myjustenergy.com *.random.myjustenergy.com
*.accounts.nintedno.com *.baas.nintedno.com *.ccg.nintedno.com *.dev-argta-2.nintedno.com *.developer.nintedno.com *.ec.nintedno.com *.mii.nintedno.com nintedno.com *.nintedno.com *.playtest-p.nintedno.com *.support.nintedno.com
nnnnnnnn.com *.nnnnnnnn.com *.ww1.nnnnnnnn.com
oharascholar.co.uk *.oharascholar.co.uk
pbradvisory.co.uk *.pbradvisory.co.uk
pdwxz.com *.pdwxz.com
pilgrims.com.au *.pilgrims.com.au
plazamurah888.online *.plazamurah888.online
pneumarestaurant.com.au *.pneumarestaurant.com.au
quinta-hilario.net *.quinta-hilario.net
sandjcarnell.co.uk *.sandjcarnell.co.uk
schoenmakeroostvlaanderen.be *.schoenmakeroostvlaanderen.be
shilling.uk *.shilling.uk
slinerefurbishment.co.uk *.slinerefurbishment.co.uk
smhomeimprovementsltd.co.uk *.smhomeimprovementsltd.co.uk
sscleasing.co.uk *.sscleasing.co.uk
*.cdn.stockmarketdaily.co *.new.stockmarketdaily.co stockmarketdaily.co *.stockmarketdaily.co
tastegreece.co.uk *.tastegreece.co.uk
tesmat.co.uk *.tesmat.co.uk
tone-matrix.online *.tone-matrix.online
*.images.travelcage.com *.kbcv67srje.travelcage.com travelcage.com *.travelcage.com *.users.travelcage.com
*.server.woolorth.de woolorth.de *.woolorth.de