Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=aid-air.co.il
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
85 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
84:5C:F1:90:59:3E:EF:9C:62:DB:25:0C:D9:14:67:EB:03:B3:FE:47:02:FF:F0:84:D3:E4:F3:2E:48:41:34:AE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
apotex360.com
100s.tv
www.airlinetariffs.com
vania-servico-corp-010922.aisessment.com
console.staging.akademy.dev
albert.mx
alignchiroclinic.com
www.alvieapp.com
financemanager.anirudhrao.dev
arznei-und-haut.de
www.baasi.app
behindthegate.io
soc.bienparabien.com
bridge.billview.com.au
www.boris-admin.at
sms.borisutgroup.com
boylstonwrites.com
www.cafeyvr.com
jupiter.app.capnovum.com
chefstab.com
www.clearchoiceinspectionsllc.com
clyvern.com
cmeld.com
aid-air.co.il
finrates.co.in
www.colrfind.com
casper.column.us
ai.ipromise.com.tw
computersystemsint.com
dev.creatordb.app
www.creekfieldstudios.com
cristinacases.com
crystalsesthetics.com
www.danfis83.info
datkanikzelf.nl
dermfocus.com
sandbox.dev-data-cast.net
diemm.com
stg.docinsights.app
douvk.co.uk
portfolio.early-bird.dev
www.fantasytrackball.com
fintprosjektet.no
fll.app
freie-traurednerin-dueren.de
frenziq.com
dev.getswam.com
rich-stg.gocad.de
www.gotradeindia.in
guide.healthpulsenow.org
ingenieriaenagrimensura.com.ar
au.ipcmobile.com
iqreno.ca
keeppaper.com.br
www.larenaissancegourmet.com
lensifyme.com
letztok.com
lifeisprecious.uk
lilianhedevin.fr
www.muddysole.com
www.mytaskpadapp.com
tidy.nattyjs.com
www.nexagro.net
www.obi1.io
olgacarpenter.com
photo-id-creator.pardi.dev
piclab.com
prepdup.com
proteus-security.com.br
pxiplays.com
dropzone.apps.my.remarkable.com
www.rip-wallet.com
siegfried2022.roomin.app
saintemmo.world
salesgod.co
www.scratch2screen.com
sfbportfolio.com
www.shineepoxy.com
dashboard.sky-boy.com
login.snippyly.com
new-direction-ira.solerabank.com
www.song.co.uk
auth.songcraft.io
www.spatzvomdach.de
chiefsfordtailgateadmin.sqwadhq.com
cloudcomputingbeginner.app.studybuddy.guru
sunriseconcept.com
www.szymczak.dev
www.tambolabook.in
userbitapp.com
www.vantagetools.com
static.vezham.com
nbnliving.tickets.vlivemedia.com
wasiayub.com
watermark.ink
www.whendidthathappenbook.com
app.wotime.ch
www.yumdices.com
docs.z2h.site
zeirho.com
Other domains in certificate