SSL Certificate Analysis for app.onix.zone - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=dreamer-cube.reviews

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 21, 2026

Valid Until

May 22, 2026 87 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

41:C6:E6:17:B9:1B:44:EA:0C:A1:D7:D8:72:5A:50:88:D7:C1:01:58:68:8D:12:AC:B0:AF:FA:46:1B:17:3C:3E

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

onix.zone *.onix.zone *.api-1.onix.zone *.app.onix.zone *.beta.onix.zone *.ww2.onix.zone

Other domains in certificate

16lies.com *.16lies.com *.hostmaster.16lies.com

*.app.aurelian.website aurelian.website *.aurelian.website *.www.aurelian.website

codeinfo.solutions *.codeinfo.solutions

cumicoy.com *.cumicoy.com *.smtp2.cumicoy.com

*.6e8120d7-6d8a-4027-ba84-ac24229daea2.dreamer-cube.reviews *.api.dreamer-cube.reviews *.dev.dreamer-cube.reviews dreamer-cube.reviews *.dreamer-cube.reviews *.www.dreamer-cube.reviews

howtotrackacellphone.co *.howtotrackacellphone.co *.ww25.howtotrackacellphone.co

kipsolutions.co *.kipsolutions.co

*.003021da-0e13-4960-9e21-12972106f97b.min88sport.site *.api.min88sport.site *.app.min88sport.site *.be5a6c27-c349-4e6c-8707-cf54df71756a.min88sport.site *.ceqhhostmaster.min88sport.site *.demo.min88sport.site *.dev.min88sport.site *.eceqhhostmaster.min88sport.site *.hostmaster.min88sport.site *.members.min88sport.site min88sport.site *.min88sport.site *.qmuukhostmaster.min88sport.site *.www.min88sport.site

*.2013.moh.com *.basim.moh.com *.bay.moh.com *.dhis2.moh.com *.dj.moh.com *.elearning.moh.com *.gov.moh.com *.l-wp039k05atocr.moh.com moh.com *.moh.com *.sa.moh.com

*.belong.nestnorthern.shop *.horseshoe.nestnorthern.shop *.indication.nestnorthern.shop nestnorthern.shop *.nestnorthern.shop *.twelfth.nestnorthern.shop

*.bootlegs.pearljamfm.com *.c.pearljamfm.com *.cininnails.pearljamfm.com pearljamfm.com *.pearljamfm.com *.test.pearljamfm.com *.tests.pearljamfm.com

*.sitemap.solpiscinas.com solpiscinas.com *.solpiscinas.com *.ww25.solpiscinas.com

*.579a1e9d-2ba7-40c0-8c98-93f381ca907e.stanard.at *.admin.stanard.at *.emv1.stanard.at *.ftp.stanard.at *.lido.stanard.at *.mail.stanard.at *.sqjmfztd.stanard.at stanard.at *.stanard.at *.tuba.stanard.at *.wew.stanard.at *.ww2.stanard.at *.www.stanard.at *.ycjvkugd.stanard.at

tranquitouch.info *.tranquitouch.info

*.school.vleac.com vleac.com *.vleac.com