Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=share.iamerica.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FC:57:6D:CE:53:9E:A9:A5:4A:2B:8B:92:E3:3A:A0:F4:93:91:D9:C5:F8:4D:F2:A9:A9:B7:39:7B:22:C4:94:F5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
devourthefetus.com
allsteel-kongfigurator-test.3dcloud.io
627coder.com
login.aginidhi.com
phytoprotech.agroptimize.com
aisteth.aihighway.org
alitoyou.com
www.andrewjte.com
www.andringafuneralhome.com
applegath.dev
aquila.ug
arcarigioielli.it
www.artshelp.net
awajishima-bridge-form.jp
ayangdesigns.com
invoices.bitalpha.com
bleedingedge.ca
byteinfy.com
app-07.dev.carto.com
www.thecodingfarm.co.in
www.beetit.com.cy
pacificocean-crewing.com.ua
st.juango.com.uy
dev.cornwallambulanceservice.org
craftslab.ch
app.deckdeckgo.com
beta.dhamaka.cricket
divisetsolutions.com
gramopool.duoward.com
epet16-rdls.edu.ar
eueno.io
kiosk.fotoatm.com
calculator.frc4322.com
portal.fyclabs.com
www.gripactive.pl
havenspaces.co
higgsdechirenoscontrats.ca
hkdancestudio.in
www.hostmania.cz
share.iamerica.org
empleadosms.inter.mx
itsonsale.nl
www.jaatapp.com
www.jared-brown.me
mitra.docs.juragankucek.com
kaleidofx.com
bayu.klikada.com
abglp-dev.client.knoxpo.com
console-beta.lastmile.ph
www.app.leadfrompurpose.org
str.leafmusic.net
liquidskylines.city
oauth.luckybird.io
mais.codes
markkurcz.com
audit.fnb.mobilitymojo.com
test-app.mobilyaka.com
www.moncapiten.com
www.mueller-everling.de
lq.nandenjin.com
ndhdp.lk
www.noctre.net
app.oditum.fr
api-docs.onsmartpath.com
palicskazsuzsanna.hu
admin.parmazip.com
poker-toolkit.com
quikweek.com
monoui-storybook.recordunion.com
bg.ronyitzhaki.com
sagradafamilia-sancarlos.com
partner-deeplinks.samaritan.city
www.sameers.me
stage.sectorswithoutnumber.com
www.sheplatform.io
spaceresx.com
splixcube.com
www.sportlabcrotone.it
squillariasesores.com
nmsuscrambleadmin.sqwadhq.com
www.sriharibrs.com
www.ssscrackerssivakasi.in
check.sterin.dev
admin.suicidepreventionapp.com
swiftlab.co.uk
app.tailstreet.com
simulador.tavaresconsorcios.com.br
teckvibes.com
teresaandjamel.com
www.theovasi.dev
floaters.therestinmotion.com
timesmeter.com
trevorselby.com
staging-visitparkcity.trueomni.com
alex.turborad.com
www.utahpedschiro.com
www.visionvanilla.com
yoditexp.com
www.yummymeal.com
link.zones.city
Other domains in certificate