Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=opendoorusa.org
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
May 28, 2026
Valid Until
August 26, 2026
83 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
36:38:09:B6:D1:81:75:DE:21:54:2E:4D:7E:BA:A6:3F:A0:48:08:0F:DE:6F:FA:9B:AA:E9:01:F2:64:99:60:6B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
zgi.it
*.zgi.it
*.hostmaster.zgi.it
26556279.vip
*.26556279.vip
*.ghnd6a.26556279.vip
amazoc.ca
*.amazoc.ca
*.ww25.amazoc.ca
cannolibot.shop
*.cannolibot.shop
*.ftp.cannolibot.shop
*.gov.cannolibot.shop
*.staging.cannolibot.shop
*.backup.cfaithtoday.com
*.beta.cfaithtoday.com
cfaithtoday.com
*.cfaithtoday.com
*.cft.cfaithtoday.com
*.core.cfaithtoday.com
*.cpcontacts.cfaithtoday.com
*.webdisk.cfaithtoday.com
*.www.cfaithtoday.com
cssvg.co
*.cssvg.co
*.ww38.cssvg.co
easyrecipes7.com
*.easyrecipes7.com
*.skinnydishes.easyrecipes7.com
*.digibook4.geniousgrow.online
geniousgrow.online
*.geniousgrow.online
*.myportfolio.geniousgrow.online
*.homedecorcreations.homenotion.com
*.homedecorcreationsblog.homenotion.com
homenotion.com
*.homenotion.com
*.rackofwine.homenotion.com
*.app.horanart.com
horanart.com
*.horanart.com
*.hostmaster.horanart.com
*.portal.horanart.com
*.vpn.horanart.com
keurigadvies-v2.site
*.keurigadvies-v2.site
*.ww25.keurigadvies-v2.site
mackeyfi40.site
*.mackeyfi40.site
*.ww25.mackeyfi40.site
namely.shop
*.namely.shop
*.sitemap.namely.shop
*.hostmaster.opendoorusa.org
opendoorusa.org
*.opendoorusa.org
*.ww38.opendoorusa.org
*.www.opendoorusa.org
*.cdn.otecms.net
*.login.otecms.net
*.m.otecms.net
otecms.net
*.otecms.net
*.staging.otecms.net
*.test.otecms.net
*.testing.otecms.net
*.ww1.otecms.net
pinayflixvid.xyz
*.pinayflixvid.xyz
*.ww38.pinayflixvid.xyz
sefrtasadd.com
*.sefrtasadd.com
*.ww38.sefrtasadd.com
*.1l.sz4.site
*.app.sz4.site
*.cl.sz4.site
*.support.sz4.site
sz4.site
*.sz4.site
*.test.sz4.site
*.testing.sz4.site
*.ww.sz4.site
*.ww25.sz4.site
tripletsofcopenhagen.pro
*.tripletsofcopenhagen.pro
webstrountstore.com
*.webstrountstore.com
zerolend.co
*.zerolend.co
Other domains in certificate