Open
Cached
·
just now
77/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=multicart.mikmak.tv
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
April 16, 2026
Valid Until
July 15, 2026
79 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
09:50:4B:A2:DD:3B:97:4C:80:0A:0E:B9:03:ED:B5:A6:6B:B1:D3:0A:3D:A9:FE:BA:60:89:87:A3:2E:F6:C0:42
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
devxhive.com
alavna.com
algisperformance.com
ayotta.uk
portal.ayotta.uk
dashboard.bahakeldigitalmedia.com
www.bedlamapps.com
buzzcraft.in
byemesports.com
cadencecore.co.za
junior.campese.com.br
www.certificadodereciclagem.com.br
chainword.in
champion-it.fr
cleanpixel.kr
otcmanager.ctrise.org
curiosity-quiz.com
mcpropiedades.dataprop.cl
link.egnite.demigos.com
devlager.tech
www.drzafersoyuk.com.tr
www.dudarfstleben.de
www.eclipsedesign.io
comercialalvorada.edsys.com.br
www.encoreliveproductions.com
pacwest.equiem.mobi
www.estetomed.com.br
fibonaccifirm.io
fimmigrm.net
km.fkuii.id
www.focus-track.ro
alpha.app.fridgeman.io
fullvitae.com
link.gaddex.es
halogrid.ca
haveli-istanbul.com
hexercise.click
inventorycount-dev.hotwax.io
www.ig-roding.de
itslaurenoreilly.com
jbuddies.app
www.jbuddies.app
jeremysun.me
auth.jsy.tw
pickupwhatsapp.juguetron.mx
www.staging-money.k-9apps.com
planriseai.kro.kr
lacucha.com.uy
liceolcm.cl
link-craft.com
www.longshot.in
app.sipeta.mbkspace.com
game.mcdowellsonoran.org
sitari.melbookings.com
v2.mesetiquettes.com
multicart.mikmak.tv
gestion.myviar.com
api.n2bbrasil.com
www.nata.house
neivi.es
profileanalyser.pansolutions.com.br
phoenixrisingsolar.net
bestellen.pizzeria-ottimo.de
planoraevents.com
www.proinbro.com.tw
codeaxis.rilhax.com
agenda.robinwattier.com
robomate.ly
www.saudehospitalarcursos.com.br
www.signoffnow.com
smartbvb.in
snugglesatelier.com
www.socialdatapro.com
sparksmatters.com
staging.app.specpal.dev
www.spencercornish.com
auth.sporim.io
www.sportscapital.io
www.streamplayer.net
www.strikezonelabs.com
swiss-puck.ch
undersokelse.synergy.no
www.tailoredresources.com.br
www.tayland.com
www.texasstylewrestling.com
www.muslimapp.thinkincode.co.za
dev.tinagusia.com
tiposdecambio.es
link.trplus.com.tw
twinesbytaani.com
www.twinesbytaani.com
www.vadimchirkov.com
vinsanet.com
idvalidate.virtualsignature.com
beta.watafan.com
mogdownload.worldpos.com.my
curator.develop.de.wowworks.org
www.xandora.tech
www.xrajan.com
legal.zeemove.io
Other domains in certificate