Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=aasa.bidtix.co
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 16, 2026
Valid Until
April 16, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2F:EA:C0:ED:CE:A0:E3:4F:43:7C:79:6F:46:41:66:B7:DA:7F:B5:CB:F9:B5:2F:15:DA:5E:3A:64:FB:48:9D:E2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
17track-cn.com
www.7projects.xyz
www.academicpro.ro
dev.adelielogistics.com
www.amramadan.com
www.apparence.io
stage.arcatxp.com
artizno.com
awooni.com
aasa.bidtix.co
bloodthings.com
brand.botsfired.com
newgrads.botsfired.com
www.bytehug.com
calamidadepublica.com.br
www.captaincolors.com
account.ceelit.com
www.chaselawfloridapa.com
www.clarkstevenson.co.uk
sub.englishforeveryone.co.kr
www.cogna.in
admin.nabd.corejsc.com
dashboard.nabd.corejsc.com
nabd.corejsc.com
www.corfubarber.com
deboacomansiedade.com.br
devspot.dev
discovertutor.com
app-voluntario-modules-develop.enricomisasi.com.br
monbacprociel.eolivarez.site
app.eventum.dev
admin.fujiproject-off1cial.f5.si
app.flowlytics.cloud
gestionaysen.cl
app.getfullpay.com
www.hamsaem.com
www.haulbot.co.uk
api.haus.live
auth.heartfulness.org
www.holmevalleyestateplanning.co.uk
roi.hyperapps.in
www.lanyustar.idv.tw
inbalancebody.com
www.innispirituali.it
insurancetestpractice.com
www.insurancetestpractice.com
www.juhtech.top
poll-corporate.karriereheld.team
katknits.ca
www.laocjoshua.com
llm-lens.com
lock23.ca
www.marjandesign.de
api.marlim.co
www.martinaduerr.ch
masaru-fitness.com
beta.backoffice.mastertrack.com.br
mentorconnected.com
mercuriumsolutions.com
neekavenue.com
nenabaeyens.be
ninedots.co
gymkhana.nirvana-groups.com
app.oneprojectamonth.com
opentyde.com
pennypilot.co
pikashowstv.com
blacktemple.piticommerce.com
www.plantvestigiuminitiative.org
www.plexusneuromechanics.com
app.popaty.com
www.pressure.cooking
app.prosegurpay-api.com
www.replicanttrader.com
www.reporting-pal.com
roclight.buzz
www.roclight.buzz
rooms.rotes.haus
royrishabh.com
rsms.dev
settefibra.com.br
www.sheout.shop
www.simplemoveco.com
smartacqua.com
www.smileconduite.fr
pay.splitit.dev
syntomate.com
alcala-wellness.timp.io
mamas.timp.io
shortlink.uatbyopeneyes.com
secure.ulkaone.com
vazi-muenchen.de
palink.vecticum.com
play.capitalquiz.vshyrochuk.com
h.wafarle.com
whatsinpremier.com
auth.rsvp.withgoogle.com
xirimex.com
ystdevconsult.com.br
app.yuyoapp.com
Other domains in certificate