SSL Certificate Analysis for as3.overthedoors.it - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=overthedoors.it

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

March 19, 2026

Valid Until

June 17, 2026 33 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3E:BB:5D:9E:C9:E0:2D:68:03:F3:C1:72:D1:53:D2:01:29:A2:9F:FC:8B:5F:10:22:6E:9C:6D:8C:32:03:9E:A8

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

overthedoors.it *.overthedoors.it *.analytic.overthedoors.it *.app.overthedoors.it *.ds5.overthedoors.it *.t0420.overthedoors.it *.t265198.overthedoors.it *.t356220.overthedoors.it *.t533261.overthedoors.it *.thumbors.overthedoors.it

Other domains in certificate

adah.it *.adah.it *.app.adah.it *.dashboard.adah.it *.demo.adah.it *.metrics.adah.it

agit660.xyz *.agit660.xyz *.d.agit660.xyz *.ww25.agit660.xyz *.ww38.agit660.xyz

brass.au *.brass.au *.random.brass.au

containerpools-us.online *.containerpools-us.online

dmalyuk.site *.dmalyuk.site

dogrescueadventure.com *.dogrescueadventure.com *.ebooks-on-kindle.dogrescueadventure.com *.free-book-to-read.dogrescueadventure.com *.free-ebooks-on-web-designing-download.dogrescueadventure.com *.piers-anthony-ebooks-free-download.dogrescueadventure.com

hugnheal.com *.hugnheal.com *.post.hugnheal.com

kum.com.au *.kum.com.au

*.ml.noncelafacciopiu.it noncelafacciopiu.it *.noncelafacciopiu.it *.www.noncelafacciopiu.it

*.imap.posreo.de posreo.de *.posreo.de

*.api.quebecargent.com *.dev.quebecargent.com *.mail.quebecargent.com quebecargent.com *.quebecargent.com *.random.quebecargent.com

shcoolgy.com *.shcoolgy.com

*.data.suduel.com *.hostmaster.suduel.com *.orkflow.suduel.com suduel.com *.suduel.com *.workflow.suduel.com

sydneytractorrentals.com.au *.sydneytractorrentals.com.au

*.aapainel.systemcs.online *.csgold.systemcs.online *.gcs.systemcs.online *.gorilacs.systemcs.online *.paraibasat.systemcs.online *.pbsat.systemcs.online *.srvdb.systemcs.online *.staging.systemcs.online systemcs.online *.systemcs.online *.tvlivresempre.systemcs.online

*.mail.thepunchbowllapworth.com *.ns2.thepunchbowllapworth.com thepunchbowllapworth.com *.thepunchbowllapworth.com

*.tube-5.tube8.fun tube8.fun *.tube8.fun

*.rustore.vrpro.digital vrpro.digital *.vrpro.digital *.www.vrpro.digital

watchmovies24.com *.watchmovies24.com *.ww25.watchmovies24.com

zoom4india.com *.zoom4india.com