Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=optinov.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
March 17, 2026
Valid Until
June 15, 2026
67 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
07:6C:75:CB:BB:2C:11:C3:AB:E6:A4:4F:08:4D:C3:87:D0:9C:FD:A6:AF:D6:9F:85:4E:49:1F:73:C5:B7:F3:A5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
vectie.ai
360tech.co
addilock.com
docentecas-cert.alemana.cl
alvini.pt
www.anyonecandesign.com
ashishmanchanda.au
tennet.assettwin.nl
axerontech.com
www.bhr.com.br
www.bingbingbin.lol
tools.bitboxx.co.jp
blackstoneward.org
optix.boat-tote.com
number-cross-5.brandomora.com
bytelocksecurity.com
www.cortado.ai
crax.my.id
devlinks.crimson-assurance.com
console.staging.deeple.ai
rvm-s.dev-ltl-xpo.com
www.djmaxy.com
www.doctorfind.in
q2-myproductbook.dpd.co.uk
inbox.oe.emporix.io
mypage-web.eneco.cloud
link.engageb.com
download.finchcare.com
firepress.net
www.flisolcancun.info
www.garage.id
gatherli.org
general-flare.com
geodetherapy.com
gitdelivr.in
gripex.pl
test.grispaakul.dk
landing.habio.app
applink.heliot.co.th
isantuni.hidayahcentre.my
www.hottnotes.com
inboxflow.com.br
samariten-gotland.infosynk.se
inovaracm.com.br
jack.ar
www.jaguarsheet.com
www.jazzjibberish.com
www.jncblinds.com.au
www.kaiwadeck.com
kar-pippalla.com
fabian.kotschenreuther.online
app.kreatoraistudio.com
www.kreatoraistudio.com
apps.kwpandpartners.au
lazrek.net
www.longjourney.digital
app.mahalawifi.co.za
www.massagehealthcoaching.nl
radio.metaverse-academy.xyz
www.mobdev.com.br
play.numberhive.org
www.oacsolutions.io
odatasys.com
oilstandardtraders.com
deenly.omeryavus.com
app.omnifluence.io
opogenius.es
optinov.com
cloud-mgmt-modules.cdn.apps.paloaltonetworks.com
paniaguajulio.com
pasquettroofing.com
platinumdiamondgame.com
investment-accounting.resre.bm
rizzinstruments.com
si-wylly.roadzen.vision
www.rongyan.site
www.safe-treks.com
www.saiftech.org
try.schedulelab.io
www.scholfestival.be
admin-stg.vks.secom.jp
sergiishaulis.com
skillcrypt.io
webeditor.sola.or.jp
www.sticky-todo.com
stylelimb.co.uk
www.symphonic.audio
thannak.com
panel.thesyncvos.com
www.thisismmavideos.com
dev.quiz.thrive.uk.com
trynotes.in
tulachky.cz
uat1.unifize.com
www.uraharu.me
brainstorm-for-jira.wallsync.net
referral.whatsales.io
wedding.zelberi.com
withdraw-goerli.zksync.io
zoberma.sk
Other domains in certificate