Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.monmenu360.fr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 30, 2025
Valid Until
December 29, 2025
34 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
59:AE:71:19:0F:9E:F3:0A:BE:1B:B7:16:00:6E:11:04:E5:3C:E0:81:CF:6A:3B:DA:04:8F:B6:0E:20:CC:37:DE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
codexqr.com
4drec.com
abalogix.com
meets-dev.acami.io
ahsanshakeel.com
hqdevel.ala15v.com
amcostudio.net
anassndri.com
fenom.bambumeta.software
bonies.club
staging.bonx.tech
www.bucatekel.net
cabngocluj.com
busquetsabogados.cloudframework.app
cmdt-exhibition.com
exceed.com.uy
www.concertata.io
creditoperola.digital
www.cristianreyes.net
cuadrosboutique.com
datula.ai
denisondds.com
auth.educup.io
partner.eeze.co
www.elektroamper.hu
app.esn.pl
console.estatestats.com
eurosea.in
po.farm66.com
www.fatackhomecare.in
delivery.fawrn.com
femwas.org
fineandfurious.com
dashboard.foodometer.app
forenixtech.com
firetest.getfilta.com
qr.gudmundsson.com
www.hlolacare.co.za
hotelacaciainn.in
hyla.io
imonitapp.io
business.inzarys.eu
www.iot-cntech.com
istandwithpalestine.com
www.ittae.io
www.jgarvidsson.dev
kipruto.io
teste2.lupi.delivery
majorgamesdaily.com
www.mandalart.me
www.martinjohnhearty.com
massagetherapy.org
matthewkee.ca
maximbouckaert.be
veelgesteldevragen.mcdonaldsnederland.app
www.mgkhalid.com
auth.mochaaaa.dev
app.monmenu360.fr
ostechnologies.mooo.com
www.mybetterbodyfitness.com
mybitsolutions.in
auth.mythsmith.app
www.naturedot.in
www.neocalc.sk
nightmoves.ie
www.ozak.co
paddie.io
www.personas.de
www.phroob.com
bestellen.pizzeria-nihat.de
www.powergreedwarandweed.com
www.primevillalonavala.in
tienda.rappidtech.com
rehablytics.com
saleck.fr
www.securelogs.com.au
iron-staging.seramont.com
stg.skonnect.io
spacefelt.com
www.stousn.at
app.tactiq.io
www.teashopfranchise.in
movie.thanawat.dev
greenleaf.thediners.in
topsmart.ca
demo-c.travelnow.app
triangula.com
www.trumoto.pro
kanpu.turnosweb.app
sialamaluca.turnosweb.app
veterinow.it
app.vifil.com
www.vigneshsudhakar.com
kdlwebrenew.webrenew.ca
www.zeronex.app
beta.zonotho.com
zooesis.com
admindashboard.ztcona.com
doctordashboard.ztcona.com
hospitaldashboard.ztcona.com
Other domains in certificate