Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=link.monfood.co.kr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 23, 2025
Valid Until
March 23, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
79:B3:E4:EE:1A:BD:F1:8D:89:FB:FA:2E:7D:CA:EB:3B:75:AB:23:AF:A7:E4:DA:29:BE:16:EB:D2:2A:5A:41:B0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
museumplatform.redia.dk
qa5007.academap.com
wycombe.academytrial.com
adelicieux.fr
admin.aep-cloud.com
fund.backrr.com
admin.backyardbuilding.com
barlink.co.uk
bartvermaercke.be
www.app.biasharamakini.com
game.bonusskate.com
presales-demo.bpmbuild.app
www.buildthenmarket.com
bus.so
soporte.cafynet.com
app.call-levels.com
link.monfood.co.kr
crustfirst.com
static.danrcohen.com
dblplayco.com
deimantas.dev
admin.dev.dena.com
drateresagomes.com
stag.invite.ecoe.vn
applications.elitescholars.co.za
www.energywebnfts.com
www.evaluni.com
executeventures.ca
finhay-dev.finhay.vn
firsttimehome.net
gestionaxmas.com
getcontractorpro.com
sebastian.ghiveci.com
www.gigwork.city
data2.gitekidb.com
globalkidsgarden.in
grayparroteducations.com
greggfoods.com
healthcareherohotline.com
www.hivebloom.com
hmayo.com
houseofechelon.com
ianisparfait.com
spartansjlt.impactwrap.com
khaosat.inbot.link
app.inspemax.com
jaisakthipapers.com
www.jasonzlou.com
jordans-store.shop
www.jtsnorthwest.com
links.live.karkinos.in
karmuh.app
invite.kebunapp.com
partners.leezair.com
letsbematez.at
libertytips5.com
www.magna-mea.com
portfolio.maripi.net
meenakshifoods.in
www.migration.investments
app.dev.molzait.com
cpe-admin.nata.dev
neviovalsa.com
auth.nozzle.io
www.nszdev.com
nursingexampro.com
rei-staging.pac-edge.com
parea.io
pbasego.com
personalpilatesclassico.com.br
www.playreddog-online.com
invites.pozoltech.com
projectcapsule.me
www.pung.me
rotation.cf
api-dev.safeshepherd.com
www.scorelytix.com
shiftzap.com
staging.skillseastriding.com
smo.cx
somnayak.com
react-staffing.staffshift.com
virudhunagar.supercabs.in
www.swservice.biz
tails.wtf
taniasearockhotel.com
dump-buster.teamdev-integration.dev
noticiasdopaysandu.tempoparalelo.com
www.thackerchangwedding.com
alljapan2022.toride-keirin.com
docs.trellisconnect.com
fide.trustin.app
www.walletpayment.net
michiganfarmbureau.qa.wallit.app
apps.gubukalkalali.web.id
welkome.to
withfront.com
www.wordcabulary.com
checkout.zissou.com.br
core.zuberipay.com
Other domains in certificate