Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.monkeyreferrals.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 20, 2025
Valid Until
January 19, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E5:1D:30:35:D8:5E:0A:DB:BD:A3:00:70:73:DC:B9:79:08:C6:BC:40:DC:54:10:18:F0:C7:0A:C3:A4:E8:67:83
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
apcpl.in
www.austinvanrider.com
avgaccounting.app
az7s.com
babv.cr
bestde.site
bigbidder.in
www.bringdesign.net
built-by-isaac.com
casamasa.mx
rewards.citypride.org
www.co-herent.com
app.conalyz.com
cravee.in
cvmagnolia.consulting
www.danielsilveroak.com
app.dcardapp.com
www.delightingdesign.com
pnd-c.dev-ltl-xpo.com
digitaldivotgolf.com
www.dlautomate.com
dev-linkgenerator.dreampay.com.br
www.drfportal.com
app.ecgpro.ai
www.ecoservicios.pe
quizcraft.edvantalabs.com
ember-tech-solutions.co.uk
www.endoidou.com
enfermerochevere.com
messe-digital.enra.app
espoonrauhanyhdistys.fi
moderator-ca.examind.io
flexepark.com
flyingpigdecks.com
framonft.com
frutechsoftware.com
gemttoken.com
estudioapp.jalisco.gob.mx
towertop.gongarce.io
run.heychao.com
wallet.heysalad.app
himitsu8.com
hiredesmondjones.com
templatio.humexd.com
ravis.infinitifood.com.br
admin.iswaasth.in
jjinformatics.com
deals.test.jucy.com
www.justdrive.app
kcinteriorsltd.co.uk
landonsandybeach.com
lewarek.org
www.lifemock.com
wallet-v2.lode.one
www.lunarcal.com
www.mazagat.com
m.mazdadesherbrooke.com
www.meeslumane.com
mastodon.misfitguardians.org
www.monkeyreferrals.com
mustpool.com
naniboronat.com
naturwell.com.au
neurorehabilitationcentre.com
oraloapi.com
quantifin.org.za
www.palidwor.com
patientfirstny.com
pcu-university.com
demo.peec.com.co
www.playibiza.net
app.plusta.app
app.pointblank.fm
www.potentialsurface.com
pranaynarang.dev
psahay.net
purebodysculpt.co
templates.purephotos.app
devadmin.qfix.ai
www.refame.com.mx
roserockdental.com
www.schubert-schwall.com
www.smartmenuec.com
taicerhub.com
www.tanyasnodgrass.com
www.teamgigray.com
techymark.in
www.theingenuity.foundation
tuyu.app
accesos-boletos.uanl.mx
ub6cars.co.uk
unesurprisede.com
vedic-puja.in
veterinariauniverso.com
vetrastudio.mx
waytislao.com
diweb.web.id
www.whyn-ttt.fr
wodfactory.app
yobi.space
Other domains in certificate