Security Score: 91/100
Certificate Information
Subject: CN=*.eightfold.ai
Issuer: C=US, O=Amazon, CN=Amazon RSA 2048 M02
Valid From: April 11, 2025
Valid Until: May 10, 2026 (106 days)
Public Key: RSA 2048 bit (Adequate)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: D7:4E:C4:E8:3B:4D:17:98:3D:49:B6:7C:C7:E9:70:BB:4A:2E:08:D6:A8:EF:CE:C0:8E:8E:0D:E4:C3:EC:02:DF
Alternative Names
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers

| Header | Status | Value |
|---|---|---|
| Strict-Transport-Security | Good | max-age=31536000; includeSubDomains |
| Content-Security-Policy | Basic | default-src; connect-src; frame-src; +6 more |
| X-Frame-Options | Good | SAMEORIGIN |
| X-Content-Type-Options | Good | nosniff |
| Referrer-Policy | Good | strict-origin-when-cross-origin |
| Permissions-Policy | Missing | Not configured |

Full Content-Security-Policy value: default-src 'self' div.show blob: https://vd.vidoplay.com ; connect-src * blob: blindfold.ai ; frame-src * blob: docs.eightfold.ai https://dev.careerhub.microsoft.com https://login.microsoftonline.com https://*.docusign.net https://*.docusign.com; img-src * data: blob: ; media-src * ; script-src * 'unsafe-inline' 'unsafe-eval' 'self' blob: data: ; style-src * 'unsafe-inline' blob: ; font-src * data: ; worker-src 'self' blob:

Recommendations
- Consider adding 'preload' to HSTS for maximum security
- Improve CSP by adding more specific directives and removing 'unsafe-inline'
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured: any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
48 domains
Other domains in certificate