Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=design.aimmo.ai
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 20, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1A:13:2C:D2:A1:C9:CD:8A:1C:53:26:71:67:2C:A3:1D:D1:E0:63:38:FD:7A:72:92:E1:05:3D:82:3F:59:AB:3F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 6 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
gestao-financeira.site
advisorflow.app
ahmadalhindy.com
design.aimmo.ai
alexlarson.us
www.allthatswrong.uk
almargiardinodicostanza.com
ui.schema.alumio.com
appearedin.com
approyal.net
arquibancadagames.com
www.aurorauniverses.com
conductores.autodriver.cl
batlink.space
buzzgift.com.br
www.cfpilot.com.au
app.clinicaneocor.com.br
www.clsadvogados.com
sendit.co.in
colombiaculta.com
link.staging.mypay.com.my
conectasantaterezinha.com.br
couplendar.app
crew-it.in
cyyy.rest
www.cyyy.rest
firebase.danielherr.software
desagnerserralheria.com.br
app.hamburg.devfest.de
dhikrzikr.com
duofinance.app
signals.earningsahead.com
eldreams.com
elementquest.xyz
embajadadelacoca.com
emergentdata.co
billbook-stage.enkept.com
faceoculta.etics.com.br
eventeros.pe
marapoama.g2canal.com.br
gastify.me
www.gritstory.se
hellovinipta.com
www.hip.world
iamalroberts.dev
app.imbizo.co
integrity-web.com
www.integrity-web.com
lunalife.ktech-digital.com
asvab.kubicle.studio
kokyu.kubicle.studio
matchmania.kubicle.studio
kvrator.de
lachevre.ru
lakecountyin.team
levchedva.org
looplib.com
lorenzbielenberg.com
www.machdaslebenan.de
assets.magma.sh
www.mandaleo.com
dynamic.maulfi.com
mkedepotcounter.com
mykid.fi
www.newmoonsr.com
nftking.jp
nibble.games
nuumee.ai
origincorporatecleaning.com
www.pcu-university.com
platinumpalmproperties.com
platyp.us
weirdnoise.plotify.net
webgl.dev.pochicon.games
coop.prodlings.app
profumeriarizzato.it
quequespz.com
auth.rezume.page
www.rightsofthechild.co.uk
roaadecor.com
safefactorgroup.com
salhail.com
awo.salixhub.com
sweetrascalsdoggrooming.salonxpress.me
dashboard.sierra26.com
parent.dev11.skool.sg
cms.smartplanthome.com
roi-calculator.speechmed.com
react-documents-sandbox.staffshift.com
thats.pl
thisaintpoker.com
business.staging-barber.todakdigi.tech
tournalyzer.com
www.tracyxliu.com
swordfish.unitedfishingagency.com
cloud.unkn0wncat.net
vegasxtickets.com
vizorva.com
xiotch.com
commercial.labcare.zym365.com
Other domains in certificate