Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=moniapps.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 07, 2025
Valid Until
January 05, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
31:13:7B:BA:B5:E8:C5:A1:3C:3B:7F:28:B6:6E:BA:D9:D9:96:25:E3:5D:FC:91:98:09:8E:55:14:BC:F0:1F:86
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
reelitapp.co.uk
2024.splitech.org
baltzersens.5loyalty.com
aafpets.com
www.academmia.ro
www.alcasino.se
www.alphatech.com.pe
anhang.zip
arnold-abraham.de
app.awayfrom.uk
auth.bimmergeeks.net
www.birdieos.com
signup.boo.world
braid.tech
admin.brickly.ai
time.caitchison.com
calendardarkmode.me
centaureducation.com
bestellen.cityfood-marl.de
www.clinking.net
app.cluborg.co.uk
www.codeforbrands.de
pathfinder.darkmane.me
www.davidhodge.dev
daylan.com.br
developmentunited.org
insomnia.docbotic.care
docs.domaine-app.com
dougiefreshtakes.com
www.eleanorrumsey.com
tradeforgood-uat.equix.app
www.fabcars.com
faithandspirits.com
www.filesion.com
rocketroad.games235.com
gaugaugau.com
www.gmverse.studio
links.guilfordsuccess.org
hcordigital.com.br
beta.heyalfie.io
yagurastation.honigwachs.de
www.hotroadsolutions.org
humancloud.me
insighttherapy.com.au
rosewedding.jjhome.in
api.kaffeeroesterei-magdeburg.de
korrekturmanagement.de
www.lbvfamily.com
staging.leadertrip.de
www.linkcode.com.mx
pv-link.lukb.ch
dev.about.magnesconnect.com
www.mais.codes
premium.mamanoko-staging.jp
masjidops.com
www.maureenbarahona.foo
pf.mbks.io
moniapps.com
todo.mosh.kr
innisfil-admin.nicelaunch.ca
nickx.hu
nisar.co.uk
www.oguzkimya.com
owlc.dk
test.peak.flights
www.pira-lago.com
shop.placementmaster.in
www.plussixfive.life
app.podtuna.com
pomorskidom.com
www.quacktravel.com
www.robinherd.com
www.roboticimaging.io
www.salonlolitarestaurante.com
savicloudtech.com
www.seanjohn.eu
www.shahiana.in
shreekansa.com
www.simplestepsedu.ca
slatehero.com
candy.spanishfieldsone.org
spelezoli.lv
l.stores.jp
streampoker.nl
stuckinarut.rocks
mijn-test.toegang.org
stage.aptitude-test.tokhimo.com
tomchris.com
www.tritogether.net
utenti.tt-nowaste.org
lajungla.turnosweb.app
vamosjuntos.uy
linkuat.ffm.vic.gov.au
u.vorapp.net
backoffice.voveid.net
beta.watts-hot.com
www.wealthlucid.com
whats.link
wordhunter.app
beta.yadada.app
Other domains in certificate