Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=account.aidara.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 09, 2025
Valid Until
March 09, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
F6:69:5E:91:D8:A5:F3:DE:C7:90:7B:86:08:AB:25:A9:54:6D:2F:1C:C5:16:3D:27:9A:88:47:22:EB:BB:DB:60
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
alidihaw.com
3hatproductivity.com
account.aidara.app
albayanmodern.com
cp.ansu.co
www.apexcryptoloans.com
app.arabicmovies.app
srt.azxyc.xyz
www.batteryok.in
download-test.beautywalk.jp
fcnantes.dl.bfsp.app
biccixpress.cl
bluewavenexus.com
www.boxcointeriors.com
bsa442.com
chabashoy.com.ar
vandemataram-admin.classet.in
alpha-salady.apps.flyground.co.kr
privacy.mrk13.co.kr
colefrishman.com
www.concept9.in
landing.conectandocorazones.com.co
conradt.dev
sponsor.constructionawards.ie
dardar.com
darkspark.dev
devnira.com
ascend.deya.com
m.digiqc.com
www.digisvcsolutions.com
digitalsignage.host
redirect.direct-energie.com
link.emanate.live
www.fastreliefpain.com
fullstackreboot.com
test.getcollyde.com
www.golfclubeventos.com.ar
dnl.mcat.in.th
odian.indiandevelopers.org
inesfrazao.com
kahaani.app
www.kasoft.vn
app.keysper.fr
www.khavin.me
kofounder.ee
admin.kutyavalegymosolyert.hu
www.kynesiolux.com
eventos.lineashospitalarias.com
lovenats.com
stockr.meowers.net
blog.mft.quest
www.mintmoves.life
mootos.org
www.mysewingangel.com
www.n1mtc.com
www.naamin.com
blog.nopfp.com
nzclaim.com
static.onduo.com
digital.escribanos-salta.org.ar
www.batistamissionario.org.br
app.outreach.xyz
development-support.p-e.kr
www.prep4usa.com
www.procesion.org
homolog-galp.prompt-pitang.com
www.psycentraal.nl
aimng.removis.jp
admin.restoplus.com
app.rungrateful.com
music.s20n.dev
shyconsult.com
www.skeddo.com
vilniaus-oro-uosto-parkavimas.snabb.lt
dashboard.staging.snowmonkies.com
sqkiiland.com
templememorymatchbb.sqwadhq.com
astraemails.ssbyte.com
www.startupmanch.in
www.stephenstuff.dev
superthrower.com
customer.swiftlaundry.mx
posdev.swiftlaundry.mx
languages.taurosoftware.com
entregas.telotraigo.app
tfarquitectos.pt
qjexwzyf.thestandingchurch.com
thuctran.dev
efp-dev.tickbird.net
studio.unlockvolume.com
gaan.upobir.com
www.vanity.money
www.vbend.co.uk
mobile.vetzy.online
waterfoil.com
actions-library-cdn.wttech.com.au
help.yep.kr
demo.yepic.ai
yothehumanity.com
birthday-card.zong-ting.com
Other domains in certificate