Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.ponyi.hu
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 01, 2025
Valid Until
January 30, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A2:9C:72:39:01:D1:F0:08:F0:0C:10:18:9B:C8:61:2A:86:19:79:66:2B:19:F7:B0:7F:44:31:DE:0B:8E:3F:4C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
stendin.com
dev.dashboard.abasto.app
www.aidenarun.com
sl.al-hiwar.com
dash.antipy.com
ashfairs.co.uk
ashkherad.com
atatcengo.xyz
www.atatcengo.xyz
aventureholdings.com
us.production.gfc.avisi-apps.com
link.basketsancasciano.it
reservatio.binarypoetry.ch
bringspothome.com
brokenimmortals.com
dev.buscontrol.app
cambioposto.it
www.cambioposto.it
dashboard.camper-connect.de
iadata.capitale.dev
carefularoundtheeyes.com
cjrakaczky.com
www.e1.com.vn
company.moscow
constant-rotation.app
mercadeo.corporacioncapi.com
creekfieldstudios.com
api.crowds.app
gsms.derazona.com
devmanshoud.com
triplewhale.dorsalbracelets.com
charts.dtnexusapp.com
admin.entid.ca
staging.10et.esad.pt
trco.eventtravel.app
app.examefederativo.pt
www.fearcertainty.com
es.futurecoder.io
globalvisionimmigrationservices.com
govetery.com
wedding.haxorai.com
summer21.herlipto.jp
punchin.hiddentalent.tech
fpl.hobbysoft.su
resol-nagoya.b.hotekan.com
intellectualkids.in.ua
www.isinfluence.com
www.dla.isoftspot.com
combust.iteq.rs
token.spaces.itopia.com
www.jesusgarciase.com
jockegustin.se
demo.jvlab.it
app.klubstack.com
analytics.v3.kt-pulse.dev
app.lagranja.top
lakeside.lk
letafall.com
www.lilbitsofmagic.com
zhd-group.liveqa.jp
voice.ltbventures.com
lyndon.com
masterplanner.app
milanharris.dev
firebase.mitoraj.cz
admin-v3.mybackhug.com
www.mytrucklane.com
www.neuronica.co
www.nextercare.it
nooma.pk
web.orderlina.com
www.pam-hrmsoftware.com
scan.payperse.com
pedromalo.dev
www.phillydu.com
www.pianowithronni.com
kompas.polskapartiapiratow.pl
www.ponyi.hu
app.preicfesteam.com
auth.proxiwiki.fr
sugasam.pujasweb.co
www.repower-sommerfest.ch
ssc.saprayworld.com
sheleadslaw.com
sitch.ca
sky9travels.com
identity.skypbx.com
preview.slyck.app
sycoins.com
www.synkira.com
www.tabtidyllm.com
theoryio.com
tibs.site
top4wheelerwala.com
www.trufflapp.com
www.twobrotherscompany.com.br
dev.underwritercrm.com
varjuindia.com
redirect.vskarleas.com
whichipedia.com
Other domains in certificate