Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=couponsurge.org
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 11, 2026
Valid Until
August 09, 2026
88 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
06:86:AD:61:C4:36:8C:DD:16:AD:08:04:81:BA:C8:CB:81:E2:CB:72:B8:54:34:21:DF:4B:DB:0F:4C:18:A8:30
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
ken88.app
*.ken88.app
*.marketing.ken88.app
*.secure.ken88.app
animestream.org
*.animestream.org
berkleycountyschools.org
*.berkleycountyschools.org
couponsurge.org
*.couponsurge.org
edevyonlendirme.club
*.edevyonlendirme.club
fischerknoten.de
*.fischerknoten.de
igodootour.com
*.igodootour.com
impoundpolicy.org
*.impoundpolicy.org
indenizandoagora.info
*.indenizandoagora.info
isntamed.com
*.isntamed.com
j5oavr.vip
*.j5oavr.vip
jazzacademie.be
*.jazzacademie.be
jncah1548.com
*.jncah1548.com
ken88.biz
*.ken88.biz
love-loveme.com
*.love-loveme.com
mehrspielerspiele.de
*.mehrspielerspiele.de
presissuchmaschine.de
*.presissuchmaschine.de
smieles.de
*.smieles.de
stationerysupply.com.au
*.stationerysupply.com.au
stellar-lunarhub.xyz
*.stellar-lunarhub.xyz
styxmarkets.art
*.styxmarkets.art
symptome-einer-depression.de
*.symptome-einer-depression.de
thefinancialfront.org
*.thefinancialfront.org
*.www.thefinancialfront.org
themoneyconsultants.com
*.themoneyconsultants.com
tierheim-hemmstrasse.de
*.tierheim-hemmstrasse.de
toilettenbilder.de
*.toilettenbilder.de
vaginalfolter.de
*.vaginalfolter.de
villigfluege.de
*.villigfluege.de
vldme.qpon
*.vldme.qpon
winterboots.com.au
*.winterboots.com.au
wsetjet.ca
*.wsetjet.ca
x9ebiumzqo090525w85.cfd
*.x9ebiumzqo090525w85.cfd
xcing.de
*.xcing.de
xn--eiweissditen-ocb.de
*.xn--eiweissditen-ocb.de
xn--garnierschler-kfb.de
*.xn--garnierschler-kfb.de
xn--modellautozubehr-0wb.de
*.xn--modellautozubehr-0wb.de
xn--pedikrset-u9a.de
*.xn--pedikrset-u9a.de
xn--rckzahlung-9db.de
*.xn--rckzahlung-9db.de
xn--salatkruter-r8a.de
*.xn--salatkruter-r8a.de
xn--spielgeschft-pcb.de
*.xn--spielgeschft-pcb.de
xn--stellenvermittlungsbro-cmc.de
*.xn--stellenvermittlungsbro-cmc.de
xn--verzgerer-37a.de
*.xn--verzgerer-37a.de
yxy30.icu
*.yxy30.icu
Other domains in certificate