Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=opendir.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 30, 2025
Valid Until
January 28, 2026
65 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1E:02:8C:B5:B5:A2:5C:67:65:65:66:EB:5C:10:19:42:8B:6C:49:E9:86:F2:CF:82:6C:27:8D:F6:38:A1:A6:19
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
auth.voicetyper.net
2005.bloggies.com
auth.agently.abeja.io
acappolli.com.br
aceathens.gr
adamrdev.com
ailatics.com
alexsze.technology
www.bibelen.nu
ib8-prod.bk8.network
www.breadstand.us
www.casadadanca.app
clapclap.xyz
soulmusicacademy.co.in
partner.bgood.co.kr
sendpay.co.kr
fb.worldportal.com.my
cozyva.com
www.dac-repairs.co.uk
dadopa.cz
admin.delishmall.com
app.docket.works
dotspot.space
videos.earningsahead.com
identity.ecocenter.store
app.endonet.cl
web3wax.eosde.net
admin.evfy.sg
staging-fms.evfy.sg
www.fbook.cc
www.fitufloorsanddecors.com
xincaihong.fruits-town.shop
www.gygcontable.com
haragapp.com
conference.homehub.site
www.hotelvillam.com
www.hugoborsier.com
onboardingdev.immopad.com
www.instinctsurveys.com
dashboard.jaybox.com
www.kalyanibhagat.com
aker-biomarine-okr.knowit.no
www.kossanlund.se
laidbacklu.com
cfc.lernit.app
takenbord.lohrangrin.be
magenta-tv-app.at
www.mangoinabox.be
my.mkpartners.com
www.mohamed.co.nz
apollo.production.moonisgood.com
naimaabed.com
naru-island.com
www.natesesti.com
www.op-log.com
opendir.org
panicotippspiel.com
penum.com
www.plenitude-ci.org
pokeforum.co.uk
admin.preggersapp.com
psykologlouisemunk.dk
www.redkoda.com
rerate.app
ricksmobilewelding.net
spienzen.ruudvandenboomen.nl
join.scj.io
app.sercom.app
www.shoppic.app
mobile.shots.nl
staff.dev14.skool.sg
skyforecaster.com
www.socialclean.app
www.soilsolution.com
chicagoskyraceadmin.sqwadhq.com
loyolashuffle.sqwadhq.com
piening.stazzle-business.de
steffievandendries.nl
links.stripe-interiors.co.za
www.svenmoon.com
dashboard.swanmoments.com
swiftcns.ai
dashboard.taif-app.ly
theroom000.com
zz2-compost.thinkninjas.co.za
mobile.tireject.com
gofit.turnosweb.app
vis.turnosweb.app
www.villamafideadelmaresalento.com
vintages.software
vivekdubey.uk
image.vmog.net
vreaurelatie.ro
reading-room.withintent.com
app-link-dev.yakiniku-king.jp
manual.yamaha.com
yasminoriqat.com
www.youki-bessho.com
aras-pm.ytlabs.com
invite.zori.app
Other domains in certificate