Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=iaminx.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 30, 2025
Valid Until
January 28, 2026
53 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
31:9E:E2:4A:97:96:F1:5F:5A:DB:BA:2C:1C:95:98:27:44:C2:D6:6B:01:DD:AA:DE:28:6D:2A:F3:1F:CF:E2:6C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-LCop5LQ22Iqf7Q4XaBIGPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
karaoke-link.dev.topia.tv
rstbrands.3dcloud.io
tech.aiempower.ca
ajarat.net
andresrios.us
www.anikgupta.me
oassessor.app.br
arkaisecureware.com
asrango.org
wa.autobiz.in
app.bananalistapp.com
www.bedrockhealthsolutions.com
www.blijfietsen.com
link.byqian.com
www.byteleapllp.com
caffeboutiquenovecento.it
cartooncoin.fun
www.choosy.us
burritokike.clau.io
royalecookiebar.clau.io
sivaganga.yazhdroptaxi.co.in
app.talantakazi.co.ke
coincommons.io
www.coincommons.io
collabo.studio
englewoodherald.column.us
www.san-cono.com.tw
integrate-firebase-pro.dalenguyen.me
davud.fun
dayada.org
ddreamtourr.com
deltaintelligence.ai
v3.demapp.fr
www.devco.at
www.dfworks.xyz
digikompas.link
game.djungelorm.com
erapura.com
www.erapura.com
www.ethos.city
evols.ai
www.fillwithfeel.com
flutteristas.org
admin.forro.se
www.giuseppegadau.it
login-bookingroom-test.goreply.net
www.hesapbende.net
iaminx.com
indu40.com
www.ismecka.cz
gerenciamento.israelfrota.com.br
jutil.org
kadcollective.org
laurenpitruzzello.com
longjourney.digital
app.mansolution.it
www.marklew.is
marohoshi.online
mediastock.com
munnar.online
www.mvrefrigeracion.cl
mycyclone.in
menu.mynuutheapp.com
www.nunixsoft.com
www.omnirecords.co
www.opencontact.me
orbitaltemple.art
central.partsportal.co.za
www.praxixel.tech
rodrop.com
rolestracker.com
www.ryzyko-zlaman.pl
saunatimenow.com
scurt.us
www.seanfinegan.dev
resume.sethdavis.name
blue.preview.shortwave-staging.com
www.sim-crew.com
www.singinglessonsbrighton.co.uk
www.skanelag.com
socialdayfest.com
stephenfrancis.online
booking.subirte.com
app.successio.pl
www.tcpsolomon.com
www.tecspert.nl
templeofpromise.com
thinkchampion.com
ticketwallet.nl
tlt-recruitment.tnvura.dev
www.toraymakine.com
tradersconnectionsgroup.com
tt-promotions.nl
collaborate.tullystaging.com
www.verbalhero.com
vocecria.com.br
serviceability.wisperisp.com
splash.pwa.wonkytech.net
www.wordunsilenced.com
wpiathleticcamps-clincs.com
Other domains in certificate