Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=admin.affilimate.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 04, 2025
Valid Until
January 02, 2026
54 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
33:17:4C:FB:00:CD:D8:40:B4:CD:9C:1B:19:16:30:0F:E8:7B:37:75:07:A1:07:4B:AD:31:9C:98:35:28:10:89
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
britlenacleaningservices.com
3f-immobilien.de
app.toppave.acuizen.com
admin.affilimate.io
www.alexcerezo.com
www.amitgunjan.com
dev-dlink.amsable.com
link.app-nu.co
www.audiodescribedart.org
avahub.org
availhub.org
baileyconradt.com
www.bibliothe.ca
status.bienparabien.com
boutique-hanin.com
zzvrtest.brazzers.com
cartershadden.com
www.casadepevale.ro
celestiahub.org
chefinspiruje.pl
www.chiropractorgb.com
www.chrisaube.com
cnysef.com
www.doforme.co.il
www.coderdojo-enschede.nl
coderesting.dev
player.colada.biz
test.cronapp.cl
dev.cydocs.cl
dl.daleelak-app.com
www.datapony.co
digitaidot1.edukamu.fi
etherskyboxes.com
fastcade.com
www.fedshift.com
www.florianbieck.com
fraternal.app
www.gamkasafaris.co.za
sinttruiden.gemeenteraad.live
preprodv3-onboarding.getfinstack.in
preprodv3.getfinstack.in
staging-app.getonform.com
download.getorda.com
ghoul.world
gibarsys.pt
eventos.grupomepiel.com.mx
chat.haxorai.com
heavenlyx.com
kontorbygg1.henther.no
www.hlavac-business.com
www.infantcaredataset.org
inventinside.com
www.leerkosten.katalysatorduravermeer.nl
www.zecalc.katalysatorduravermeer.nl
www.kumarorganic.net
lastmiledv.com
app.lifecarenetwork.io
www.listoapp.co.uk
loblollysoftware.com
manasvini.space
www.massagestudio-harmonia.ch
masterdebater.net
stamboom.michelcapelle.nl
momente-der-ruhe-gudensberg.de
whistle.moradas.app
www.myabaya.qa
www.navitasenerji.com
www.new-adventskalender.de
palatinegames.co.uk
hitbox.paloaltours.org
booking.partynail.com
golf.patrickrottman.com
admin.pgtf.pk
piggibanks.com
www.pikr.tech
poddy.app
www.powow.co
www.ppw-fahrzeugteile.de
prcodecraft.com
www.printinsurancecard.com
qubitam.com
www.racketcountryclub.com
recoveringtheplot.com
retrogametracker.com
www.rocketbraingames.com
www.s2d5.com
saffroncompass.studio
pebble.sensemake.org
mobile-dev.smartgroups.io
www.teknoma.net
paradyz.theviewer.io
soren.thezaisers.me
thomashugo.com
dev.portal.tinyreaderspublishing.com
cumiadmin.tsoftware.ch
usatradeexports.com
www.vntracuu.com
rwl-demo.weatherlogics.com
wllnr.nl
www.yoshiki-omata.com
Other domains in certificate