Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=footprint.org.uk
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 10, 2026
Valid Until
May 11, 2026
79 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
91:BE:AF:81:36:0D:8A:74:8D:57:02:F1:0C:72:EE:95:96:4C:24:AE:12:94:FD:0F:7E:CC:6D:44:BE:21:79:D6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
oom.us
*.oom.us
*.3.oom.us
*.7.oom.us
*.cedu.oom.us
*.flowiseai.oom.us
*.kila-ac-in.oom.us
*.learn.oom.us
*.mit.oom.us
*.samaritanspurse.oom.us
*.trt14-jus-br.oom.us
*.ucsf.oom.us
*.us02we.oom.us
*.us02web.oom.us
*.us06web.oom.us
*.usubweb.oom.us
*.web.oom.us
*.ww11.oom.us
*.ww38.oom.us
*.y.oom.us
*.z.oom.us
*.z0.oom.us
*.zz.oom.us
2367yhc.top
*.2367yhc.top
*.resolver.2367yhc.top
*.apps.diesel-watch-525882915.click
diesel-watch-525882915.click
*.diesel-watch-525882915.click
*.cdn-1.don-english.xyz
*.cdn-4.don-english.xyz
don-english.xyz
*.don-english.xyz
footprint.org.uk
*.footprint.org.uk
*.wildcard.footprint.org.uk
*.wwf.footprint.org.uk
*.fallback.gvhy.com
*.fisher-add.gvhy.com
gvhy.com
*.gvhy.com
*.wildcard.gvhy.com
*.cpanel.losangelesclippersjerseys.com
losangelesclippersjerseys.com
*.losangelesclippersjerseys.com
*.sub.losangelesclippersjerseys.com
*.admin.palisadesfirelitgation.com
*.api.palisadesfirelitgation.com
*.app.palisadesfirelitgation.com
palisadesfirelitgation.com
*.palisadesfirelitgation.com
*.portal.palisadesfirelitgation.com
*.shop.palisadesfirelitgation.com
*.store.palisadesfirelitgation.com
*.ww38.palisadesfirelitgation.com
*.amsterdam.raboank.nl
*.hage-beek.raboank.nl
*.linux.raboank.nl
*.oi.raboank.nl
raboank.nl
*.raboank.nl
*.rn.raboank.nl
*.wildcard.raboank.nl
*.ww17.raboank.nl
*.ww35.raboank.nl
*.ww38.raboank.nl
skindex.au
*.skindex.au
*.wildcard.skindex.au
*.hostmaster.southafricaair.com
southafricaair.com
*.southafricaair.com
*.wildcard.southafricaair.com
*.ww38.southafricaair.com
*.backend.trener.it
trener.it
*.trener.it
usagovjob.com
*.usagovjob.com
*.wildcard.usagovjob.com
*.dad.will.cm
*.done.will.cm
*.dys.will.cm
*.i.will.cm
*.m.will.cm
*.saying.will.cm
*.u.will.cm
will.cm
*.will.cm
Other domains in certificate