Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=donate.isocial.org.br
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 26, 2026
Valid Until
July 25, 2026
73 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D1:87:54:12:EE:FB:24:DB:89:F7:17:5C:AC:A4:B1:05:55:8D:86:5C:AE:91:AA:9E:A0:9A:7D:93:6F:C1:F5:41
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
clock.axischess.com
7sl.in
workspace.acturalab.com
www.workspace.acturalab.com
aluminum-dammam.com
americaisback.info
en.atsa-panama.com
beepable.ai
kiosk.bindimaps.com
joinow.biosashbusiness.com
myhub.blackmind.cl
ess.reg.businesscool.tennis
bytonix.in
caribclimate.com
ceylonfortune.com
chowdragon.com
circuitoabiertoconcordia.com
codexsec.com
demo.collaborative.fm
davepinke.com
dev.bo.oo.dmsoft.tech
eastbayforum.com
estudiojuridicofym.com
www.everythingsatvik.com
fb.eway.vn
www.firefeed.ai
fixupautoparts.online
www.fixupautoparts.online
trendtracker.fuckyoumoneycapital.com
www.fulfilled.io.kr
demo.fullstackbigdata.com
www.g-cad.app
gamebard.games
goldensea-conciergerie.fr
gospelgateways.com
gravigoal.com.tr
www.growavesolutions.com
lab.gruvyeducation.com
www.hamdanfsc.com
hatchbase.io
heracorporation.co.jp
hypersona.ai
firebase.was-website-stage.ibtik.com
donate.isocial.org.br
www.jonathankilpatrick.me
jounco.com
konfety.app
main.kumunua.kr
lighthousemenonnitechurch.com
megabiteco.com
misraulger.com
www.misraulger.com
memorize.murata0705.com
murdermysterylog.com
www.mycluetivity.com
homes.mygonetwork.com
www.newbiathlonworld.com
apk.newsengine.co
nicehotelanamur.com
anekosysi.nihoninanutshell.com
nilerobot.com
noqatii.com
guides.novamynd.com
novusexpensetracker.com
okaax.com
olga-pasko.dk
links.onduo.com
digital.otsatoa.ee
otsatoa.ee
pizzasapricorbera.com
www.poptacular.com
www.imtiazalkabir.pro.bd
valets.pro910.com
ops.promptprofitstudio.com
hodnotenie.pudis.sk
login.quartzora.com
app.raya-rideasyouare.com
registerwithggssc.com
www.registerwithggssc.com
www.relentless-club.com
rossandsonsltd.co.uk
app.rushmanage.com
www.skillix.com.au
staraxy.com
supervagas.com.br
www.swimpion.com
termlimitsrequired.com
json.theboringtools.com
jsonformatter.theboringtools.com
therealstudios.art
webapp.ticketcard.net.br
tiginsoftware.com
www.tiginsoftware.com
kan-jyuku.tochikaokuchosashi.net
vicobali.my.id
qrapp.visorus.com.mx
www.vitolero.com
websyestrategia.online
www.weftkit.com
ynews.ai
Other domains in certificate