DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=freshwaterscf.org.uk
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 25, 2026
Valid Until
August 23, 2026 73 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9F:6E:55:95:46:04:8C:59:FD:78:C8:EE:5F:4D:65:7E:4A:04:A8:96:A4:C7:80:A9:DF:C3:60:9F:28:3A:CA:AC
Alternative Names
90 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains
exportcontrol.dev *.exportcontrol.dev *.64a05c21-ce7e-481b-85fe-04122bb6e85e.exportcontrol.dev *.9671efa2-cd59-48fc-8ec9-310169318fb6.exportcontrol.dev *.admin.exportcontrol.dev *.app.exportcontrol.dev *.bot.exportcontrol.dev *.demo.exportcontrol.dev *.members.exportcontrol.dev *.mno80r.exportcontrol.dev *.new.exportcontrol.dev

Other domains in certificate

*.activetameside.dkk.it *.analytic.dkk.it *.api.dkk.it *.app.dkk.it *.backend.dkk.it *.bi.dkk.it *.dashboard.dkk.it *.dashboards.dkk.it *.data.dkk.it *.dev.dkk.it dkk.it *.dkk.it *.druid.dkk.it *.erpdemo.dkk.it *.hostmaster.dkk.it *.intel.dkk.it *.intelligence.dkk.it *.larocheetassocies.dkk.it *.report.dkk.it *.research.dkk.it *.secretariatgeneral.dkk.it *.staging.dkk.it *.superset.dkk.it *.supersets.dkk.it *.wapogee.dkk.it
*.files.freshwaterscf.org.uk freshwaterscf.org.uk *.freshwaterscf.org.uk
*.4qwa0.kingkong898.xyz *.d.kingkong898.xyz kingkong898.xyz *.kingkong898.xyz *.me7q1.kingkong898.xyz *.nxc75.kingkong898.xyz *.rskarapp.kingkong898.xyz *.s28s9.kingkong898.xyz *.sbd1u.kingkong898.xyz *.tzygd.kingkong898.xyz *.v3ywp.kingkong898.xyz *.web.kingkong898.xyz *.zl1z8.kingkong898.xyz
*.autodiscover.presidentgore.com *.cpcalendars.presidentgore.com *.mail.presidentgore.com presidentgore.com *.presidentgore.com *.webdisk.presidentgore.com *.www.presidentgore.com
*.3ff3u2.vacations.bot *.api.vacations.bot *.app.vacations.bot *.apps.vacations.bot *.assets.vacations.bot *.ba4468db-c1ce-4516-9535-2529cee0bc0d.vacations.bot *.backup.vacations.bot *.bot.vacations.bot *.dashboard.vacations.bot *.dev.vacations.bot *.ecsizassets.vacations.bot *.kmrprstg.vacations.bot *.m.vacations.bot *.mail.vacations.bot *.mailer.vacations.bot *.marketing.vacations.bot *.members.vacations.bot *.portal.vacations.bot *.qa.vacations.bot *.secure.vacations.bot *.staging.vacations.bot *.stg.vacations.bot *.test.vacations.bot *.uat.vacations.bot *.v1.vacations.bot *.v2.vacations.bot vacations.bot *.vacations.bot *.vofngwcl.vacations.bot *.web.vacations.bot *.www.vacations.bot