Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=apps.botmoon.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
49 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
EB:51:25:B3:95:81:2B:F2:99:4A:59:C0:D6:14:AB:D5:4D:32:9D:33:58:56:CC:74:3A:15:84:31:94:97:2F:70
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
about.design
www.alchinfarm.com
unblockit.alignitgames.com
www.appwizards.cz
ariankazemi.com
www.arkagamestudios.com
admin.arrsquared.com
www.asharp.ca
askars.net
www.auradata.com.br
balancify.app
admin.at.bbi-bildung.de
benele.de
apps.botmoon.com
app.calendoo.net
candl.fan
www.cedarmingle.com
chatsync.me
nubalia.cloudframework.app
www.cobind.in
www.cognatatechnologies.com
app.fbcsports.com.fj
belka-kancelaria.com.pl
deliverylinkng.com
www.dickverbunt.nl
elietshiapps-eta.com
elina-ai.com
eluvaan.com
shp.soundarahari.eu.org
www.event01.app
formulaire-marss-fbc.com
www.fruitfulminds.co.za
www.funshare.app
www.glams.ai
gomoney.cl
count.grevling.dev
dev-restaurant.gupshup.io
www.heardit.io
www.heycitrus.com
www.highlevelmath.com
game.hokin.tech
s.horiz.io
links.imperiumlarp.com.br
www.infiz.pl
www.isacorretajes.cl
www.jrmoulckers.com
www.kalingainnovation.com
omniversity.karmyog21c.in
panel.lavanta-group.com
www.levii.app
www.librums.com
www.linkmyride.co.uk
liveinahive.com
transform.makkan.trade
www.massena.com.br
www.mixinfire.com
app-tst.mmseas.com
www.mooney.news
it.morsodifame.com
shop.motherwine.dk
www.neuralfeed.ai
nobound.app
oath.email
www.omasoftware.com
www.seeat.or.kr
p8fxtrading.com
www.paraponzi.it
app.plusadministracao.com.br
prince-plastics.com
bubbolitasparis.order.pulp.eu
intralinks.redacted.ai
remixist.com
shop.resterdigital.com
test.riyarana.com
esports.ronne.dev
rraasi.com
www.sayfabulmaca.com
semolina.solutions
link.shadowfax.in
vidaativa.sogafit.net
sooparc.com
www.starovekanubia.sk
www.swimfortri.co.uk
www.syllabaselearning.com
app.terminvereinbarung.eu
tetohutes.hu
theaprilmedia.com
shop.thecityfarmcafe.org.uk
treets.org
www.tripletise.be
trust4.us
dev.ericsson.quiz.thrive.uk.com
uruz.id
app.vent.ly
vlpl.group
wijin.academy
dev.wildr.com
mta-sts.willtheory.com
auth.worstenqueue.nl
zaiqacaterer.com
Other domains in certificate