Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=simurgh.co.uk
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 30, 2025
Valid Until
March 30, 2026
41 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
85:94:72:A3:C0:5E:C8:19:10:89:C0:B0:A5:58:68:73:F2:D5:56:BC:BA:EA:02:17:DA:7B:56:11:33:98:56:14
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
basketall.com
*.basketall.com
*.backbone.basketall.com
*.backup.basketall.com
*.flashscore.basketall.com
*.random.basketall.com
*.secure.basketall.com
*.wordpress.basketall.com
boxingstreams.cc
*.boxingstreams.cc
*.live1.boxingstreams.cc
*.original.boxingstreams.cc
*.reddit.boxingstreams.cc
*.reddit1.boxingstreams.cc
*.redditt.boxingstreams.cc
*.tonight.boxingstreams.cc
*.top.boxingstreams.cc
freightexpressltd.site
*.freightexpressltd.site
gussy.store
*.gussy.store
jokeroker.online
*.jokeroker.online
kangenkrishna.online
*.kangenkrishna.online
kasino88.online
*.kasino88.online
katoglenassa.website
*.katoglenassa.website
kirov-autoevakuator.online
*.kirov-autoevakuator.online
*.ai.kjds.xyz
*.dxhz.kjds.xyz
*.erp.kjds.xyz
kjds.xyz
*.kjds.xyz
*.uajsuqsy.kjds.xyz
kzipa.online
*.kzipa.online
lahoremodels.online
*.lahoremodels.online
lexuexchange.online
*.lexuexchange.online
ngnpro.online
*.ngnpro.online
pakistananyjob.website
*.pakistananyjob.website
publiceno.online
*.publiceno.online
*.de.rennovation.com
*.origin.rennovation.com
rennovation.com
*.rennovation.com
*.test.rennovation.com
*.test1.rennovation.com
*.wildcard.rennovation.com
*.securemail.simurgh.co.uk
simurgh.co.uk
*.simurgh.co.uk
*.ww25.simurgh.co.uk
sukienkanalato.pl
*.sukienkanalato.pl
tboyecreativesolu.com
*.tboyecreativesolu.com
teplo-sett.online
*.teplo-sett.online
terapiafisicovascular.online
*.terapiafisicovascular.online
thesoftwaresuite.online
*.thesoftwaresuite.online
tu1688.online
*.tu1688.online
tulastartup.online
*.tulastartup.online
uclwork.online
*.uclwork.online
ucseduportal.com
*.ucseduportal.com
*.www.ucseduportal.com
ursaunion.online
*.ursaunion.online
webmeasured.online
*.webmeasured.online
zjss7.my
*.zjss7.my
*.random.zy.com.au
zy.com.au
*.zy.com.au
Other domains in certificate