Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=birminghamhomechoice.org.uk
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 15, 2026
Valid Until
August 13, 2026
74 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
46:36:B0:B9:ED:69:4B:83:12:79:EC:3D:CF:32:28:33:4E:BC:2A:B8:F5:49:5A:AE:86:B8:AB:AA:7D:8B:2B:C5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
realpush.digital
*.realpush.digital
*.app.birminghamhomechoice.org.uk
birminghamhomechoice.org.uk
*.birminghamhomechoice.org.uk
*.dev.birminghamhomechoice.org.uk
*.laravel.birminghamhomechoice.org.uk
*.mail.birminghamhomechoice.org.uk
*.owa.birminghamhomechoice.org.uk
*.ww16.birminghamhomechoice.org.uk
*.ww38.birminghamhomechoice.org.uk
mwm-group.com
*.mwm-group.com
prelatry.com
*.prelatry.com
premiumfittrust.run
*.premiumfittrust.run
prostitutkikrasnodar.pro
*.prostitutkikrasnodar.pro
qechfv.cc
*.qechfv.cc
qidianfuwu.com
*.qidianfuwu.com
ratchetpro.com
*.ratchetpro.com
rudub.live
*.rudub.live
saji9320-023ckds.xyz
*.saji9320-023ckds.xyz
sattaworld.mobi
*.sattaworld.mobi
scholarsden.info
*.scholarsden.info
style-beat.info
*.style-beat.info
theagfinancehub.digital
*.theagfinancehub.digital
thedragonsparlour.com
*.thedragonsparlour.com
theeuees.info
*.theeuees.info
themilanofont.com
*.themilanofont.com
thetitleleader.pro
*.thetitleleader.pro
tiffanychairs.mobi
*.tiffanychairs.mobi
tnbc-treatment-7p.click
*.tnbc-treatment-7p.click
tokenizedpreciousmetals.xyz
*.tokenizedpreciousmetals.xyz
toolfee.com
*.toolfee.com
tryamericanmeetingssite.com
*.tryamericanmeetingssite.com
tryexperts-plan-adviser.info
*.tryexperts-plan-adviser.info
turkseria.life
*.turkseria.life
tv-packages-351219326.click
*.tv-packages-351219326.click
useendigitalconsultoria.com
*.useendigitalconsultoria.com
usthb.com
*.usthb.com
vacationcore.xyz
*.vacationcore.xyz
vicwin.io
*.vicwin.io
w13727563.com
*.w13727563.com
wazzyxxx.com
*.wazzyxxx.com
winwithkhimeric.company
*.winwithkhimeric.company
winwithnexusvc.company
*.winwithnexusvc.company
www56397.top
*.www56397.top
www982708.vip
*.www982708.vip
www988778.vip
*.www988778.vip
xuzilin.com
*.xuzilin.com
yjjbjgs.com
*.yjjbjgs.com
youfind-construction-staffjobs-construction439.sbs
*.youfind-construction-staffjobs-construction439.sbs
Other domains in certificate