Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.themapdoctors.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 10, 2026
Valid Until
April 10, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FA:F5:D8:17:8A:AA:E1:4D:17:48:E0:15:5D:72:1E:7E:A3:FF:03:CA:E1:33:49:9E:1F:D4:1A:78:AE:5A:BA:49
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
thirtyourself.com
hermes-portal.aimgt.info
www.airoguelite.net
alamiya.online
www.anantaracapital.com
anviitech.com
console-stage.ap-dock.com
dev88.aplano.de
www.arcaids.me
www.axl.coach
breakthewachain.com
app.bystro.cr
www.ar.yogeshjadhav.co.in
foht.co.ke
correctly.tools
www.corton.dev
www.cristianbuenoyoga.com
dessinateur-projeteur-jg.fr
dratin.com
driveyourcarhome.com
isobel850.dsmx.ca
www.easypieces.ci
auth.edusuggest.tech
endah.org
escalasmais.com.br
eudavdata.com
nexus.factorem.co
faerderbiennalen.no
firecalc.com.au
officetroop.dev.fultongrace.com
gcbghana.com
www.gemini-to-word.online
trexx.gooddoog.ru
www.gregweisbrod.com
hallo-oli.de
ideesprenoms.fr
imcoffeefreak.com
www.iotminds.in
xu-alumni.jameventsph.com
chordo.joesteccato.com
jpinternationalschool.com
kephros.com
kobit.app
kosinzube.site
krapor.com
voluntr.lernox.in
mbsnetwork.net
melter.ro
misterarther.com
share.moinmoin.io
www.morningstarhartland.com
partner.dev.mozome.com
mtwedding24.com
www.nexthire.cv
herbstfahrt.noahgels.de
pwa.not-alone-app.ch
nyxscan.com
link.odiniapp.com
ombrelliamo.com
qa.app.orderit.ie
optix.outlandliving.com
www.payrows.com
phantomlightdesigns.com
www.pichon.com
ab-lab.portalclientesab.com
k-tuin.qrq.app
www.ramblinstories.com
reevia.fr
revitalrosen.com
gbg.rf.live
rightcornertrading.com
rodgermilla.dev
rolcc.in
santiagoducos.com
screenwraiter.com
app.shortwave-staging.com
admin.sigiforge.com
simcarmod.store
sos.blue
voiptelecom-demo-app.speakylink.com
squatchbot.squatchcity.com
www.stockpointpos.com
link.staging.storiaverse.com
taishar.net
www.talentrator.com
api.techfairlive.com
thedesigncycle.com
thedivinator.com
app.themapdoctors.com
wishlist.tolacika.xyz
safeform.unawa.asia
healthy.vearuny.com
healthymeal.vearuny.com
getahead.viix.solutions
visaafy.com
pc.worksync.tech
www.xiaocixia.com
ymnd.ooo
www.zahratoman.com
www.referral.zfirst.in
Other domains in certificate