SSL Certificate Analysis for superops.ai - Security Grade & TLS Configuration

Open Cached · just now

89/100 SECURITY SCORE

Certificate Information

Subject

CN=*.superops.ai

Issuer

C=US, O=Amazon, CN=Amazon RSA 2048 M04

Valid From

November 17, 2025

Valid Until

December 15, 2026 373 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DF:04:7E:B0:2D:D7:A5:1A:49:BF:65:5D:D6:1A:84:7F:40:73:32:F7:C4:83:CE:04:F5:17:36:42:46:BE:46:E6

Alternative Names

2 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=63072000; includeSubdomains; preload

Content-Security-Policy

Basic

frame-ancestors; base-uri; default-src; +13 more

frame-ancestors 'none'; base-uri 'self'; default-src self; script-src 'self' 'unsafe-inline' 'unsafe-eval' 'wasm-unsafe-eval' https://*.6sc.co/ https://px.ads.linkedin.com/ https://*.superops.ai https://ddwl4m2hdecbv.cloudfront.net/b/4N210H5MK46Z/4N210H5MK46Z.js.gz https://cdn.popt.in/ https://px.ads.linkedin.com/ https://r2.leadsy.ai/ https://scripts.clarity.ms/ https://static.ads-twitter.com/ https://static.elfsight.com https://*.licdn.com https://www.youtube.com/ https://*.elfsight.com https://*.liadm.com/ https://hcaptcha.com https://*.captiwate.com https://cdn.vector.co https://*.optimonk.com/ https://*.hcaptcha.com https://*.salesloft.com/ https://cdn.dreamdata.cloud/ https://s3-us-west-2.amazonaws.com/ https://bat.bing.com/ https://*.partnerstack.com/ https://*.getwarmly.com/ https://*.vwo.com https://*.visualwebsiteoptimizer.com https://js.zi-scripts.com/zi-tag.js https://*.smartlook.com https://*.smartlook.cloud https://web-sdk.smartlook.com https://static.zohocdn.com https://cdn-in.pagesense.io/ https://unpkg.com/ *.mouseflow.com https://load.sumo.com https://tracking.g2crowd.com https://app.revenuehero.io/ https://js.hsforms.net/forms/v2.js https://revenuehero.io/ http://fast.wistia.com/ https://fast.wistia.net/ https://cdn.cookielaw.org/ https://www.clarity.ms https://cdn.mouseflow.com https://cookiehub.net https://dash.cookiehub.com https://app.factors.ai/ https://js.na.chilipiper.com/ https://widgets.openli.com/ https://secure.copy9loom.com/ https://script.hotjar.com/ https://static.hotjar.com/ https://optimize.google.com https://static.hsappstatic.net https://meetings.hubspot.com https://cdn.jsdelivr.net https://lambdaapi.superopsbeta.com/ https://lambdaapi.superopsalpha.com/ https://lambdaapi.superops.ai/ https://widget.intercom.io https://js.hs-banner.com https://www.google.com/ https://js.hscollectedforms.net/ https://js.hsadspixel.net/ https://fast.wistia.com/ https://fast.wistia.com/ https://js.hs-analytics.net/ https://js.intercomcdn.com/ https://script.crazyegg.com/ https://www.google-analytics.com/ https://googleads.g.doubleclick.net/ http://script.crazyegg.com/ http://www.googletagmanager.com https://www.google-analytics.com http://www.googleadservices.com https://www.redditstatic.com/ http://js.hs-scripts.com/ https://js.intercomcdn.com/ https://www.google.com https://www.gstatic.com https://js.hsforms.net https://forms.hsforms.com https://connect.facebook.net *.crazyegg.com; style-src 'self' 'unsafe-inline' https://*.vwo.com https://api.fontshare.com https://db.onlinewebfonts.com https://*.optimonk.com/ https://cookiehub.net https://dash.cookiehub.com https://optimize.google.com https://js.na.chilipiper.com/ https://fonts.googleapis.com/; object-src 'none'; form-action 'self' data: https://lambdaapi.superops.ai https://superops-intercom-search.netlify.app https://superopsalpha-html-page.netlify.app https://lambdaapi.superopsalpha.com https://canny.io https://intercom.help https://forms.hsforms.com https://forms.hsforms.com https://intercom.help/; font-src 'self' data: https://cdn.fontshare.com https://fonts.intercomcdn.com/ https://db.onlinewebfonts.com https://cdn.fontshare.com https://fonts.gstatic.com https://js.intercomcdn.com/ https://*.captiwate.com; connect-src 'self' data: https://api-us-west-2.hygraph.com/ https://*.superops.ai https://api.bettermode.com/ https://ws.zoominfo.com/ https://*.wistia.com/ https://ipv6.6sc.co/ https://img.youtube.com https://tracking-api.g2.com https://*.superopsalpha.com/ https://*.superops.com/ https://epsilon.6sense.com/ https://capig.datah04.com https://px.ads.linkedin.com/ https://www.facebook.com/ https://www.google.com/ https://static.elfsight.com https://fast.wistia.net/ https://*.elfsight.com https://shared-us-west-2-assets-delivery-1b85646.s3.us-west-2.amazonaws.com/ https://*.salesloft.com/ wss://ws.captiwate.com wss://ws.captiwate.com https://*.captiwate.com https://us-west-2.graphassets.com/ https://us-west-2.cdn.hygraph.com/ https://us-west-2.graphassets.com https://*.optimonk.com/ https://*.superops.com/ https://*.vector.co wss://ws.hotjar.com/ https://*.hotjar.io/ https://tracking.g2crowd.com/ https://cdn.dreamdata.cloud/ https://*.ip-api.com/ https://partnerlinks.io/ https://api.ipregistry.co/ https://grsm.io/ https://*.reddit.com/ https://www.redditstatic.com/ https://www.google.co.in/ https://bat.bing.com/ https://*.getwarmly.com/ https://usserv.superopsalpha.com https://euserv.superopsalpha.com https://*.superalpha.com https://*.vwo.com https://*.visualwebsiteoptimizer.com https://usserv.superops.ai https://euserv.superops.ai https://*.superops.ai https://js.zi-scripts.com/ https://*.smartlook.com https://*.smartlook.cloud https://pagesense-collect.zoho.in https://unpkg.com/ *.revenuehero.io http://fast.wistia.com/ https://uploads.intercomcdn.com https://o2.mouseflow.com https://api.revenuehero.io https://revenuehero.io/ https://media.graphassets.com https://geolocation.onetrust.com/ https://cookies-data.onetrust.io/ *.google-analytics.com *.analytics.google.com https://cdn.cookielaw.org/ *.clarity.ms https://canny.io https://*.algolianet.com https://*.algolia.net https://api-us-west-2.graphcms.com https://consent.cookiehub.net https://app.openli.com https://tracking.chilipiper.com/ https://api.chilipiper.com/ https://api.na.chilipiper.com/ https://widgets.openli.com https://api.factors.ai https://in.hotjar.com https://embedwistia-a.akamaihd.net/ https://ws10.hotjar.com/ https://www.google-analytics.com https://optimize.google.com https://tracking.crazyegg.com/ https://lambdaapi.superopsbeta.com/ https://lambdaapi.superopsalpha.com/ https://lambdaapi.superops.ai/ https://api-msp.superops.ai https://serv.superopsbeta.com https://serv.superopsalpha.com https://api.hsforms.com https://api.hubapi.com/ https://script.crazyegg.com/ https://stats.g.doubleclick.net/ https://forms.hubspot.com/ https://embed-fastly.wistia.com/ https://api.ipstack.com/ https://distillery.wistia.com/ http://pipedream.wistia.com/ https://fg8vvsvnieiv3ej16jby.litix.io https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://hubspot-forms-static-embed.s3.amazonaws.com https://analytics.google.com https://forms.hsforms.com *.crazyegg.com; img-src 'self' blob: data: https://api-us-west-2.hygraph.com/ https://*.superops.ai https://px.ads.linkedin.com/ https://*.superopsalpha.com/ https://*.superops.com/ https://*.superops.ai/ https://img.youtube.com https://*.ytimg.com https://analytics.twitter.com https://t.co https://*.elfsight.com/ https://files.elfsightcdn.com/ https://*.6sc.co/ https://bat.bing.com/ https://*.captiwate.com https://us-west-2.graphassets.com/ https://us-west-2.graphassets.com https://*.optimonk.com/ https://*.visualwebsiteoptimizer.com https://embed-ssl.wistia.com/ https://revenuehero.io/ https://optanon.blob.core.windows.net/ *.google-analytics.com *.analytics.google.com https://cdn.cookielaw.org/ https://assets.superopsbeta.com https://media.graphassets.com *.clarity.ms https://media.graphcms.com https://js.na.chilipiper.com/ https://embedwistia-a.akamaihd.net/ https://www.googletagmanager.com https://www.gstatic.com https://www.google.com/ https://www.google.co.in/ https://static.intercomassets.com https://alb.reddit.com https://www.google-analytics.com/ https://forms.hsforms.com/ https://track.hubspot.com/ https://embed-fastly.wistia.com/ https://fast.wistia.com/ https://www.facebook.com https://downloads.intercomcdn.com/ https://js.intercomcdn.com/ https://ct.capterra.com *.crazyegg.com; frame-src 'self' *.schedulehero.io https://static.elfsight.com https://*.superops.ai https://newassets.hcaptcha.com/ https://www.googletagmanager.com/ https://*.elfsight.com https://*.captiwate.com https://online.fliphtml5.com https://superops.storylane.io/ https://*.optimonk.com/ https://rive.app https://superops.trainn.co https://*.vwo.com https://td.doubleclick.net https://revenuehero.io/ https://api.revenuehero.io/ *clarity.ms https://giphy.com https://superops.na.chilipiper.com/ https://vars.hotjar.com https://fonts.gstatic.com https://splineanim.netlify.app/ https://optimize.google.com https://meetings.hubspot.com https://www.google.com/ https://bid.g.doubleclick.net/ https://www.youtube.com/ https://www.youtube-nocookie.com/ https://share.transistor.fm/ https://forms.hsforms.com https://intercom.help/ https://intercom-sheets.com/; manifest-src 'self' data: https://assets.superopsbeta.com https://us-west-2.graphassets.com/ https://us-west-2.graphassets.com https://media.graphassets.com https://media.graphcms.com/; media-src 'self' blob: data: https://api-us-west-2.hygraph.com/ https://media.graphassets.com https://widget.captiwate.com/ https://widget.captiwate.com/ https://us-west-2.graphassets.com/ https://us-west-2.graphassets.com https://media.graphcms.com https://embed-fastly.wistia.com/ https://js.intercomcdn.com/; report-uri https://60d28bd9a22e18d4f42faf2b.endpoint.csper.io/; worker-src 'self' blob:;; prefetch-src 'self';

X-Frame-Options

Excellent

DENY

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

same-origin

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

2 domains

superops.ai *.superops.ai