Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=heartintune.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
85:E4:B0:AC:36:5E:24:F3:9E:F3:EE:D0:74:51:4C:50:BE:26:9D:77:5F:69:09:19:54:D4:1B:9C:74:29:3B:0E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
auth.kamiak.org
eu.assets.cloud.acurable.com
aeion4.adaept.com
gaeste-intranet.additive-apps.eu
www.adelinedelbecq.com
aerav.it
akinsoftbatman.com
alexanderschwartz.de
www.aplicacioneseingenieria.com
www.app-implantcompare.com
autochat.store
wahlen19.bazonline.ch
mx.marketplace.bee-seller.com
backoffice.bepos.io
www.bestdata.cl
bettercoachs.com
www.bidshak.com
worklogs.bigfox.cz
bineo-consulting.com
my.caren.io
sander.cateringportal.io
www.cerrahi.tv
chapeletperpetuel.com
chetak.pro
www.colcambiosaustralia.com
link.mypay.com.my
www.controlpet.com.mx
www.creel-ventures.com
olimpus.diamondeducationinstitute.org
domogame.com
www.ec-int.com.pe
rimcat.echowear.org
www.manaport.seto-solan.ed.jp
auth6.google.eitvcloud.com
www.endofleaseccb.com.au
www.exmera.se
www.expirytracker.live
www.firensafetytech.com
fleetingpixels.com
fotoplayapp.com
www.freefoodforfamilies.com
econtent.gmit.mn
www.grademonitor.com
markdown.griffintennent.com
heartintune.io
holusion.com
business.hym-app.com
staging.innoneers.com
consultant.stg.innovators-career.com
irisambiente.it
www.ivycreekapps.com
jadekang.me
www.joanna-chow.com
juandavidjaramillo.com
cbda-staging.kioskbytes.com
development.ko-dev.net
ordernow.lakesidepho.net
www.letprompt.com
s.limaois.me
www.maxloh.com
dashboard.memobac.app
petropiar.metax-ims.com
mikehatzi.me
mothership.cx
www.motivaeacao.com.br
moveon-foundation.com
naufalhafizi.com
nexusmed.in
auth.openblox.io
oprove.com
palveluun.fi
parisnails.com.au
spb.ppdjulau.com
admin.privemd.com
skype.profitableservices.com
dev.pwatungsten.app
www.refugiolandscaping.com
rlzim.com
rockdiving.bg
sammcgrail.com
selbeg.mn
shariqahmed.org
www.sidelaner.de
www.siref.mx
dev-link.steaker.com
teamtribe.de
backoffice-dev.thaiqrmenu.com
www.thedudu.space
tools.tmn.services
waitlist.unusual.inc
www.veebeed.com
velqwick.com
vendamaisvolvo.com.br
viajeserevan.com.ar
migration.vida.studio
messages.wallsync.net
postmap.watakura.xyz
www.weike.ca
www.lmm.withorca.com
wonkywidgets.dev
Other domains in certificate