Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=medicopg.app
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 20, 2026
Valid Until
August 18, 2026
89 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B4:C6:DD:4B:31:47:42:6F:1F:70:4D:C8:2C:8B:47:80:DC:DE:84:67:12:83:B4:FE:A9:F3:98:30:CC:B7:73:E6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
medicopg.app
*.medicopg.app
*.api.medicopg.app
*.backup.medicopg.app
*.dashboard.medicopg.app
*.dev.medicopg.app
*.en.medicopg.app
*.lxdvyapi.medicopg.app
*.marketing.medicopg.app
*.secure.medicopg.app
*.staging.medicopg.app
angkanet.zone
*.angkanet.zone
*.hk.angkanet.zone
*.m.angkanet.zone
*.top.angkanet.zone
*.w1.angkanet.zone
*.w3.angkanet.zone
*.w4.angkanet.zone
*.w5.angkanet.zone
*.w8.angkanet.zone
*.0553dbdf-6d4b-44ec-909a-a0e5f7d15ef5.bathroomstylist.com
*.521ca2df-8d06-479f-b27a-3dcf348dad7b.bathroomstylist.com
*.74536c82-e6c6-4f7d-b202-de8d631390d8.bathroomstylist.com
*.a.bathroomstylist.com
*.admin.bathroomstylist.com
*.api.bathroomstylist.com
*.app.bathroomstylist.com
*.assets.bathroomstylist.com
bathroomstylist.com
*.bathroomstylist.com
*.cloud.bathroomstylist.com
*.dev.bathroomstylist.com
*.hostmaster.bathroomstylist.com
*.mail.bathroomstylist.com
*.members.bathroomstylist.com
*.rd.bathroomstylist.com
*.rds.bathroomstylist.com
*.rdweb.bathroomstylist.com
*.remote.bathroomstylist.com
*.shop.bathroomstylist.com
*.staging.bathroomstylist.com
*.test.bathroomstylist.com
*.uat.bathroomstylist.com
*.www.bathroomstylist.com
hmzxyy.cn
*.hmzxyy.cn
*.m.hmzxyy.cn
*.www.hmzxyy.cn
*.72zb0p.mentionagents.com
*.blog.mentionagents.com
*.cloud.mentionagents.com
*.elchgapi.mentionagents.com
*.m.mentionagents.com
mentionagents.com
*.mentionagents.com
*.rds.mentionagents.com
*.rdweb.mentionagents.com
*.sitemap.mentionagents.com
*.www.mentionagents.com
*.admin.pokeraccounts.com
*.exchangecorp.pokeraccounts.com
pokeraccounts.com
*.pokeraccounts.com
*.ibwqa.wioot.com
*.img1-fg.wioot.com
wioot.com
*.wioot.com
*.081f243a-8259-4df2-a74c-507f02d13ded.xn--kbr08c72pij5a.net
*.26336757-68c0-4d4a-8842-b5671a4e4b3f.xn--kbr08c72pij5a.net
*.banka.xn--kbr08c72pij5a.net
*.bankovnictvi.xn--kbr08c72pij5a.net
*.git.xn--kbr08c72pij5a.net
*.ib.xn--kbr08c72pij5a.net
*.internetbanka.xn--kbr08c72pij5a.net
*.jf8mt0.xn--kbr08c72pij5a.net
*.kb.xn--kbr08c72pij5a.net
*.login.xn--kbr08c72pij5a.net
*.logon.xn--kbr08c72pij5a.net
*.mojebanka.xn--kbr08c72pij5a.net
*.pay.xn--kbr08c72pij5a.net
*.prihlaseni.xn--kbr08c72pij5a.net
*.www.xn--kbr08c72pij5a.net
xn--kbr08c72pij5a.net
*.xn--kbr08c72pij5a.net
*.zaplatit.xn--kbr08c72pij5a.net
*.wildcard.xn--ogt71lpvi6v0b.com
*.www.xn--ogt71lpvi6v0b.com
xn--ogt71lpvi6v0b.com
*.xn--ogt71lpvi6v0b.com
Other domains in certificate