SSL Certificate Analysis for adm.monigo.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=web-launcher.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 09, 2026

Valid Until

August 07, 2026 79 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3E:E7:BB:F1:B8:4D:02:D9:DE:C2:DE:95:C8:5E:70:CD:A6:D5:F5:EB:81:73:A9:10:39:FC:B2:F3:83:AC:A1:E6

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

monigo.com *.monigo.com *.co.monigo.com *.dowcipy.monigo.com *.filmy.monigo.com *.jokes.monigo.com *.kawaly.monigo.com *.members.monigo.com *.movies.monigo.com *.ph.monigo.com *.remote.monigo.com *.video.monigo.com

Other domains in certificate

*.backbone.halo-tattoo.com halo-tattoo.com *.halo-tattoo.com *.users.halo-tattoo.com *.ww38.halo-tattoo.com *.www.halo-tattoo.com

*.admin.mycheckorders.com *.agent.mycheckorders.com *.beta.mycheckorders.com *.bi.mycheckorders.com *.chat.mycheckorders.com *.ci.mycheckorders.com *.demo.mycheckorders.com *.edge.mycheckorders.com *.flow.mycheckorders.com *.flowiseai.mycheckorders.com *.jobs.mycheckorders.com mycheckorders.com *.mycheckorders.com *.prod.mycheckorders.com *.qa.mycheckorders.com *.staging.mycheckorders.com *.uat.mycheckorders.com

*.app.sherex.io sherex.io *.sherex.io *.sol.sherex.io *.ww25.sherex.io

*.cpcalendars.sourcemarkmarketing.xyz *.ns1.sourcemarkmarketing.xyz sourcemarkmarketing.xyz *.sourcemarkmarketing.xyz *.sourcemarkusa.sourcemarkmarketing.xyz *.staging.sourcemarkmarketing.xyz *.ww38.sourcemarkmarketing.xyz

specialinvites.xyz *.specialinvites.xyz *.ww38.specialinvites.xyz

spin2wincash.xyz *.spin2wincash.xyz *.ww38.spin2wincash.xyz

*.mail.trive.life trive.life *.trive.life *.ww25.trive.life *.www.trive.life

typecho.io *.typecho.io *.ww38.typecho.io

*.hostmaster.web-launcher.com *.mail.web-launcher.com web-launcher.com *.web-launcher.com *.www.web-launcher.com

*.crm.westminstermanorapts.com *.mobile.westminstermanorapts.com *.msk.westminstermanorapts.com *.shop.westminstermanorapts.com *.store.westminstermanorapts.com westminstermanorapts.com *.westminstermanorapts.com *.ww17.westminstermanorapts.com *.ww25.westminstermanorapts.com *.ww38.westminstermanorapts.com *.www.westminstermanorapts.com

*.0823221.xrk26.xyz *.0824003.xrk26.xyz *.0824221.xrk26.xyz *.0915134.xrk26.xyz *.0930.xrk26.xyz *.c.xrk26.xyz *.d.xrk26.xyz *.q.xrk26.xyz *.ww25.xrk26.xyz *.ww38.xrk26.xyz *.xn--kttpsa-0h3c9e.xrk26.xyz xrk26.xyz *.xrk26.xyz