Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=open.aigominavi.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 27, 2026
Valid Until
April 27, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
26:CE:1F:9E:A6:3C:BE:9A:C0:B5:8D:73:61:6C:07:FA:E0:96:AA:3D:D5:B0:63:66:84:41:19:88:BC:96:31:E5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-efOgArkLPcqf33riRE_GkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
txturl.io
re.10point.ai
auth.adamedmunds.dev
agileccpm.com
open.aigominavi.com
ajedrezaspiracional.com
amysbeautyspa.com
ashrafthamir.com
links.aspiriakc.com
attenai.com
advent-sawston-test.autolomate.com
dashboard.aylab.eu
bbtlbb.com
www.bequali.com.br
triangula.bmgomg.com
bookloop.co
www.bwbresidential.com
cateron.lk
qr-cz.ciasecured.org
cndsoftware.com
quiz.easyboard.co.in
www.kevinknits.co.in
www.danielriesen.ch
datacatalysis.com
datispro.com.br
degani.design
der-studienkredit.de
www.displayon.cz
dokidoki.cafe
www.edition-nef.com
backend.staging.einfachgast.de
goko.backoffice.emporix.com
community.enhearten.io
koru.esseciconsulenza.it
www.executestudio.in
syzygy.fox-hound.co.jp
collegeprep.fullmarks.io
gamesurv.co.za
www.gessoportoseguro.com.br
grigoren.com
www.haljastuskalkulaator.ee
blog.haythoo.net
admin.healthtracka.com
caregiver-preprod.hercare.se
hmh.kr
www.iaramichel.com.br
inmobiliariaintegral.com
suitability-demo.joinavenir.com
firebase.kaidanuniverse.com
keephq.com.au
www.kemi-tornionlentoasema.fi
kinclinics.in
menu.liffi.ch
lysandralux.com
www.manasvini.space
massiv.cc
meinevitabilanz.de
www.moodadvantage.com
bo-laget.demo.movello.se
mysteryabyss.com
lspassagens.net.br
oghenekparobor.xyz
www.pgelogbook.com
covid.pirassununga.net
www.pirma.lv
dezka.promyka.cz
link.dev.prox.chat
raidhub.team
rajahtaa.com
ravindrasinghshah.com
reelenglish.com
rewyre.app
labs.robotcandy.ai
www.rutherford-nj.com
sakhaingcebo.com
bills.sanhei.ch
shibatastreet.com
forms.simplygenie.site
pro.sprel.app
www.stefan-blattmann.com
bs21check.thai.run
todonote.de
www.twogirls.cz
www.uddeshyachoudhary.in
staging.admin.vclass.ac
vendostream.com
www.venetrans.cl
victoriazamah.com
www.vikrantfernandes.com
virtue9consulting.com
app.viska.com
voicedbyashley.com
man.vrk.one
www.we4consultancy.com
admin.weezer.fr
wgudegree.com
www.whatsilent.com
wisphero.com
reservas.wokiapp.com
www.youngwoosteel.com
Other domains in certificate