Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=demo.getluna.dev
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 03, 2026
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D9:DB:BD:70:BF:B6:40:DE:78:02:3D:B6:61:BE:AF:A3:C4:74:27:20:93:FC:79:E0:3D:E0:34:8D:30:66:D5:2F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
lifegram.app
2015.devfest.gdg.org.ua
www.9to5.software
www.allinonefitness.ch
www.amanyadav.net
links.amfcmetaflorist.com
andorfiauto.hu
asynchretro.com
www.bakestudio.in
test.bathyaldistrict.com
bdmp.online
npe.beaconforce.com
dashboard.bebabeggie.com
www.bewegungsliebe.info
bharatbheesetti.com
brushly.bullet-mobile.store
mine.casinosenpai.com
cennetcookie.ru
hub.century21dx.com.br
www.claimback.org
www.claimtag.io
erp.pdmuliasari.co.id
moneysign.1finance.co.in
link.colomali.jp
rrinc.quicke.com.pa
www.brisks.com.sg
comptoirdelinde.com
viz.coreofscience.org
www.craigbrogle.xyz
www.criative.nl
www.cyber.mn
delhistreetdog.com
donkeysgonewild.com
drjorgeleyvacarditoracico.com
earrn.app
asistencia.inam.edu.sv
edvinmark.com
demo.estumomentu.com
admin.eventosvillatoscana.com.mx
angus.eventxtra-dns.com
nlb2ctp.fairchain.org
www.app.farmaciasgaleno.cl
finnishairports.fi
demo.getluna.dev
giacopy.com
www.gsaero.com.au
news.guycombinator.net
www.handcart.xyz
stg.hatarepo.com
hexd.dev
www.igot.app
beat3.incept-it.com
www.jahtax.com
www.jaliyanfreight.com
a2b.jetpackpony.ru
www.jimmyarroyo.com
fbtest.kuhave.com
dev.admin.leasera.com
www.lecoursierinternational.com
www.littabook.si
lulago.co.za
mecordi.com
www.mercadodepases.club
mmicunovic.com
mobiler.uz
mypictury.com
www.neod.com
feedback.nextlevel.cz
www.olegkalugin.com
www.orinqo.io
parkulus.com
tipcalc.planetbinc.com
randomcreations.wtf
www.rationalagents.com
auth.reagancreative.com
staging.recovree.com
consultas.requiero.app
www.revelacha.com.br
apk.richter.tirol
go.ridersmap.app
www.rollingspringslabs.com
ryanstest.com
samply.app
muzeu.sci-web.ro
seanmarney.com
simnett.app
skypatch.dev
archup.sld.codes
stakhey.com
stephenmellor.uk
content.storydna.app
thecreativemobile.com
theportalguru.com
www.viziere.totalgravura.md
twopagegames.com
vintagehightech.com
www.wadeandcoral.org
www.wimdyentertainment.com
cube.yd-dev.ovh
app.zeropos.in
Other domains in certificate