Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=credentials.aimbrella.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 09, 2025
Valid Until
March 09, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C5:C4:A9:7D:A8:12:B5:6E:6C:AB:CB:77:6A:0F:68:8D:9D:4E:0A:60:90:E4:64:90:8E:BF:0A:46:D2:E6:86:3C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
constructmonitor.online
www.243technologies.com
a51.studio
www.act-app.com
credentials.aimbrella.com
www.aptfi-edu.com
www.ayashmuhammadhu.com
benjaminanoh.com
www.boxiao.ca
staging.app.careerbase.co
chaui.de
chiclanaguiadempresas.com
bird.claudiocampos.com
addin.contractflows.com
admin.creatyea.com
dev-data-cast.net
djjoelkupis.com
dotnetweekly.com
timeclock.dscpayroll.com
uat-gkmff.finncub.com
www.floindia.com
fluttercommunity.dev
console.fortunehomecare.com
app.getloope.com
ghu.beer
shop.gls-spain.dev
hacklodge.org
app.happy-ratings.shop
homeset.hawry.net
www.hyunmin.dev
www.j-ko.dev
jacksonkuzmik.com
www.jianmiau.cf
www.kudosone.com
leaguelife.net
www.marivipiano.com
app.martinsonmachine.com
www.martnmall.com
beta.medgrocer.io
www.mst-ka.org
www.myferrypal.com
www.nanami7y.com
ffderp.naqelksa.com
skadden.neoufitness.com
test.northweather.com
www.ocufox.com
openux.io
www.opticacuernavaca.com
osekiretreat.com
cancun.pedidomovil.es
hakki.pedidomovil.es
www.pittystop.com.br
www.premium-outlet.com
m.proper-ly.com
psychologischezorgopmaat.be
ramsvilla.com
rawdings.com
medlem.rolling-stones.dk
stage.set.live
em.sgerard.be
app.skaal.io
solver7.com
coordinator.sponsorshipawards.ie
entrant.sponsorshipawards.ie
checkersmemorymatch.sqwadhq.com
dixiestatescramble.sqwadhq.com
raiderscontest.sqwadhq.com
stanislav-lehky.cz
christmas.stlwebdeveloper.com
www.stockrepublic.fi
strike-invest.com
flexify-html.stylokit.com
www.sunmanhm.kr
bodasolanoperez.swanmoments.com
www.tamacountymutual.com
tarot-7.com
auth.teero.com
thegrantsinstitute.com
pixels.topi.dev
toplayers.jp
phangan.tortugacoders.com
track2max.com
truestory.show
tub.by
turfhq.com
www.turfmama.com
ubjective.com
www.ubqtx.com
app.unifize.com
www.urvivora.com
cloud.vipark.pl
l.waik.hu
warleyd.com
stopwatch-soft.wiselywidgets.com
yorubo.com
sandbox.yulamove.com
invitations.zenparking.ro
stage-app.zentility.com
beta.zoomryde.app
www.zyphus.com
Other domains in certificate