Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=exerciseinstructors.org.uk
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 11, 2026
Valid Until
July 10, 2026
63 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A5:67:CD:DB:98:0F:96:0B:7F:A2:5F:84:80:FD:1F:B9:8D:75:42:A7:50:74:E7:3B:DD:CB:F9:62:75:AB:13:60
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
exerciseinstructors.org.uk
*.exerciseinstructors.org.uk
*.admin.exerciseinstructors.org.uk
*.api.exerciseinstructors.org.uk
*.app.exerciseinstructors.org.uk
*.blog.exerciseinstructors.org.uk
*.dev.exerciseinstructors.org.uk
*.ftp.exerciseinstructors.org.uk
*.mail.exerciseinstructors.org.uk
*.mbcefadmin.exerciseinstructors.org.uk
*.members.exerciseinstructors.org.uk
*.portal.exerciseinstructors.org.uk
*.prod.exerciseinstructors.org.uk
*.report.exerciseinstructors.org.uk
*.staging.exerciseinstructors.org.uk
*.test.exerciseinstructors.org.uk
bottosmastergreenlife.com
*.bottosmastergreenlife.com
*.rustore.bottosmastergreenlife.com
fortnitelogin.com
*.fortnitelogin.com
*.ww25.fortnitelogin.com
hv11hh7.cyou
*.hv11hh7.cyou
iblock.it
*.iblock.it
laxsvg.com
*.laxsvg.com
lbcsqi.icu
*.lbcsqi.icu
leppertfs.com
*.leppertfs.com
manach.com
*.manach.com
*.mx.manach.com
*.omni.manach.com
*.300c0eea-c432-11eb-a39d-78b46a47de58.qgnda.com
*.app.qgnda.com
*.ci.qgnda.com
*.hostmaster.qgnda.com
qgnda.com
*.qgnda.com
*.rabr.qgnda.com
*.sitemap.qgnda.com
*.sitemaps.qgnda.com
*.smtp.qgnda.com
*.superset.qgnda.com
*.urmc.qgnda.com
*.wildcard.qgnda.com
*.ww38.qgnda.com
*.www.qgnda.com
stair-lifts-8026.click
*.stair-lifts-8026.click
*.8a798efb-9712-4711-b314-ce238ad85a06.strengthclasses.com
*.backup.strengthclasses.com
*.cloud.strengthclasses.com
*.de242cd4-87f4-4522-8dda-81eb1a683bee.strengthclasses.com
*.dev1superset.strengthclasses.com
*.e27d66a9-aad4-4a29-b22a-5ea00fb97351.strengthclasses.com
*.efbe593f-09b3-47e9-b1be-57cd1f991b45.strengthclasses.com
*.m.strengthclasses.com
*.ra.strengthclasses.com
*.rd.strengthclasses.com
*.rds.strengthclasses.com
*.rdweb.strengthclasses.com
*.remote.strengthclasses.com
*.smdiisuperset.strengthclasses.com
*.staging.strengthclasses.com
strengthclasses.com
*.strengthclasses.com
*.superset.strengthclasses.com
*.uat.strengthclasses.com
*.vps.strengthclasses.com
*.remoto.toddlersandbabies.com
toddlersandbabies.com
*.toddlersandbabies.com
*.torrent.ultivibe.com
ultivibe.com
*.ultivibe.com
verity.investments
*.verity.investments
worldpray.org
*.worldpray.org
wqrwasfasf.click
*.wqrwasfasf.click
*.sitemap.xn--0n3a.com
*.vpn.xn--0n3a.com
*.www.xn--0n3a.com
xn--0n3a.com
*.xn--0n3a.com
Other domains in certificate