SSL Certificate Analysis for openscarpa.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=jf8d.cc

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 14, 2026

Valid Until

September 12, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D8:0B:43:19:1A:D6:B2:87:C6:8E:A0:3C:7F:7A:AF:85:5A:FF:86:6E:82:B3:5A:F1:83:57:E8:0A:40:AB:E8:90

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

openscarpa.com *.openscarpa.com

Other domains in certificate

1111qb.com *.1111qb.com

591521.cc *.591521.cc

axelliantazure.sbs *.axelliantazure.sbs

barriobingo.com *.barriobingo.com

cbfhjetl.xyz *.cbfhjetl.xyz

clash09.com *.clash09.com

f64571717.com *.f64571717.com

f64589975.com *.f64589975.com

*.autodiscover.geraldosatlasalle.com *.com.geraldosatlasalle.com *.cpanel.geraldosatlasalle.com geraldosatlasalle.com *.geraldosatlasalle.com *.hostmaster.geraldosatlasalle.com *.mail.geraldosatlasalle.com *.webdisk.geraldosatlasalle.com *.webmail.geraldosatlasalle.com *.www.geraldosatlasalle.com

getrepresentstudio.com *.getrepresentstudio.com

goldenscarpa.com *.goldenscarpa.com

jf8d.cc *.jf8d.cc

kamuprada188.xyz *.kamuprada188.xyz

kcs-marketing.com *.kcs-marketing.com

kqfzn.qpon *.kqfzn.qpon

kxfe.in *.kxfe.in

megworku.xyz *.megworku.xyz

menowotepak.live *.menowotepak.live

missingpersonssearches.com *.missingpersonssearches.com

myai.beauty *.myai.beauty

mymart.my *.mymart.my

nathaniel122.quest *.nathaniel122.quest

neweraprotectusa.com *.neweraprotectusa.com

nyobaktok.live *.nyobaktok.live

oapai.com *.oapai.com

onesupercharged-ai.com *.onesupercharged-ai.com

openethical.com *.openethical.com

papworld.com *.papworld.com

pbkyr.bid *.pbkyr.bid

pelisflix.ltd *.pelisflix.ltd

performancecheck.info *.performancecheck.info

pianta.co *.pianta.co

pilsdtbnnghj.com *.pilsdtbnnghj.com

pinayflex2.com *.pinayflex2.com

pipefulreach.com *.pipefulreach.com

pipefulsolutions.com *.pipefulsolutions.com

playsnax.com *.playsnax.com

robovariety.com *.robovariety.com

suaratimor.com *.suaratimor.com

texlic.online *.texlic.online