Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=busbusproduction.mgsapps.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 22, 2025
Valid Until
February 20, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6A:D7:29:C5:96:2E:F3:55:03:6D:36:AA:CE:D1:50:9F:35:45:6A:AE:9C:D0:BA:D1:71:34:55:8A:67:02:F7:92
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bloomflex.com
11521160.stratics.io
mobile.aidlab.com
www.alexwoodhouse.co.uk
ambitieaccountants.nl
stg-redirect.any-creator.com
aquiferproject.org
admin.arion.run
www.awarenessindev.com
www.ayakashi.org
beeyard.io
www.bisericabetaniacluj.com
app.blackrose.cloud
my.bodyfast.app
bugsassess.bugsmirror.in
www.cannahail.com
cerconsultoria.com
cialiseczane.com
www.1qr.co.in
healthhouse.co.ua
colellagomme.com
falseworldgame.com.tr
commercial-tech.com
www.comproautoverona.com
craftylizarddesigns.com
developer.crazygames.com
csc-ca.com
dengg.app
do.app
panel.domzis.net
www.dragonsfireforge.com
beta.emce.app
www.epic.vision
fingermanga.com
fitatom.app
www.followthelight.gallery
fonoshoot.com
formfabric.com
www.francescopiazzimusic.com
portal.freshoffice.co.nz
www.gapcrossdev.com
getbunpo.com
getreplayapp.com
gotoodle.com
www.gudbong.com
app-links.guruwalk.com
www.hadivanessa.com
www.halopartners.in
healthlynx.co
admin.innovation-journey.com.br
ivndb.com
iyadmarzouka.com
jibcode.co.za
journeytotoday.com
d2l-predev.klarway.com
diffcons.koen.in
ulink.lalalab.com
lesminouski.com
www.marchmadnessmarket.com
maruni.work
mateocardona.com.ar
mugeveryword.merchandisebot.com
mesbro-jobs.mesbro.in
busbusproduction.mgsapps.com
michael-roeck.at
api.modernshare.com
link.newschool.app
login.nextzenlimited.com
chip8-emu.noizman.com
www.novatis.it
okason.app
omniseum.tech
webeditor.sola.or.jp
links.papajohns.pl
links.parco-app.de
history.peerdustry.com
www.pinmasters.app
placetell.net
via.posstaging.point4more.com
www.polyai.ca
posturepanda.com
www.propertykompare.com
q-u.pw
qareen.co.uk
www.rockinsp.com.br
rui.cool
gestway.salden.it
ranking.sensar.nl
sentimllc.com
manage.silverfoxmetals.com
snert.design
speakenglishonline.app
projekte.spenoki.de
spiritualpod.org
ticketgenius.ai
translate.ton.surf
www.toptec.com.ar
webapp-production.tournafest.com
www.vengo.tech
r.wematica.com
Other domains in certificate