Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.midobapps.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
32 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
97:2C:9F:F0:C2:42:BC:75:19:F0:DA:8F:D8:C0:28:B0:20:D0:D6:20:07:44:CA:5D:7B:5A:4B:96:1C:92:5A:D6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mcmtechnology.co.uk
alnovikov.me
app.google.amego.com
analytica-india.com
www.animated-sticker-maker.com
www.appleshakers.co.uk
user.apptomato.net
www.beautybyamardeep.com
laudo.beerads.app
www.bikit.rocks
binale.tech
birthdaybox.io
links.mbizmarket.co.id
preview.vrelovod-osijek.com.hr
zettasoft.com.uy
comuniverse.xyz
link.cyrela.com.br
bo.mts.dataequinox.com
www.dhineshrodi.in
atlas.dimpr.nl
www.dnieln7.xyz
dolg-pravo.ru
admin.e-bon.md
ca.emce.app
visite.flavigny21.fr
a07l.foodle.su
fortis-mocni.pl
www.futureforwardcs.com
fynedental.net
gaethr.com
app.gamoteca.com
garagemichiels.com
getweatherwear.com
www.ghillicrackers.com
gpp-treuhand.de
gripactive.pl
hartmood.com
healthygrocery.app
log.hec133.app
admin.hennamiranda.com
partnertest.jeeblynow.com
web.johnshortland.com
jordanbuysse.com
justincpollard.com
kapeller.io
sync-city.karla.ai
kmo.hr
test.knowcab.com
dl.kolonmall.com
lelimit.no
intranet.lempls.com
www.lilc.fi
www.lonelytreetours.com
cliniqueaguilera.luciole-app.com
console.maprun.net
calculadora.mazzavelasaromaticas.com.br
melodramatique.sk
wallet.merit.me
www.midobapps.com
www.miradourodegamboa.cv
cs.mitas.pw
beta.mixi.nyc
perfil.mymoons.pe
www.nanoz.cv
talleratres.net.ar
ntsvoting.org.uk
honoreversi.otobou.com
www.patelfensing.com
www.patronscan.com.au
api.plantidapp.com
moonle.professionail.co.nz
app.reelertech.com
app.stage.reflow.design
batch1.restoplus.com.au
www.retailcrm.cloud
console.rollingtrans.com
www.rusirii.com
app.senby.tech
www.sergiogf.com
www.sisucarecollegeofnursing.com
www.skipadealer.com
terminal.soga.com.br
en.sparkle-electrical.com
eventspanorama.sprocketprinters.com
sumodsivadas.com
suprdine.com
linkdev.thegift.pt
beta.trustmix.io
tummysafe.com
data.umuganda.digital
outreachfinance.uofnkona.edu
apm.verolabs.co
web-dev.vigivideo.com
web.vigivideo.com
vytlsft.com
horcel.wiki.br
boxapp.wird-andares.at
dev.fns.xchart.com
yallafalla.com
yashambre.com
Other domains in certificate