Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=api.vidoctor.vn
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
42 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
51:7E:70:17:B9:6E:4A:63:52:B0:1D:A2:06:1D:3E:3E:56:3A:67:2E:85:0E:07:97:D4:2C:85:ED:01:6B:B3:B6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ratiomonitor.app
www.1155is.com
chatrmaps.aluu.me
asianamericanedu.com
bigroy.life
dyn.conservative.blabber.buzz
d.care.me
l.caresoft.vn
clouder.app
kiosk.done.co.il
www.1km.co.il
www.mayka.co.in
www.rosewoodcastle.co.in
www.lite.concursos360.com
panel.conectikids.cl
gameon-staging-link.cosmicoda.com
www.app.cyberloop.ai
www.davie.com
app.dismissly.dev
dashboard.eurheka.com
fantasygolf.io
www.feexn.com
kurse.fittracks.de
flat-ah.eu
gcctrend.com
support.getrevibed.in
www.giancarlolamberti.com
www.go-risk.org
goclass.com.au
dokokara.goga.jp
arigovo.hexml.net
www.hsinv.com
idecasa.mx
imageai.app
api.dev.inkryptus.com
instituteoflifescience.in
loveisland.itv.com
www.jafalworldfusionmusic.com
www.joe-bowers.com
www.kbbsuite.com
lacrossewatch.eu
www.lagacting.com
www.lapastelidog.com
auth.letrasite.com
levimed.se
www.litespeedcheck.com
losninosdemaria.com
go.m1studio.co
ctf-netlify-build-app.maker.tech
resume-manager.makgupta.com
www.maskanasry.com
kubbar.mattpellegrini.com
link.test-app.mojob.io
store.molecularinstruments.com
panel.neutroiptvplayer.com
nutraworks.io
esc.onsurity.com
packli.st
paintbox.app
www.pamisa.net
www.paperset.app
psclient11225.philanthrosphere.com
sass-export.plentycode.com
stagingseller.proxtera.app
www.rafaelmatsumoto.dev
rcs.games
ri8global.com
admin.richproperty.in
links.staging.ridealto.app
precos.roda.dev
saenuruki.com
www.sgklass.com
www.shaunjacks.io
ym-app-qa.site-ymobile.net
portal.smart-skipper.com
softwarefactoryconsulting.com
installer.solarhub24.de
sommapp.com
labs.specularo.com
www.supernovaelectricatx.com
synprobysisis.com
g.tab32.com
da.taxsat.com
teambuddy.fr
links.stage.thetoucan.app
stage.client.tijoree.money
tingvollsalmonfishing.com
dev.togetheruniverse.com
www.trekkersclan.com
troyservicesgroup.com
unboundformac.com
uniqenergy.app
app.usesuperflow.com
todo.vatsalgp.com
www.vedantaspain.com
api.vidoctor.vn
vrvenkatesh.com
app.witful.com
wolferwedding.com
www.wolna-keja.pl
Other domains in certificate