Open
Cached
·
1m ago
77/100
SECURITY SCORE
Certificate Information
Subject
CN=covid19.cheart.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 18, 2025
Valid Until
January 16, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
32:5A:D8:27:3A:E9:F5:FE:09:07:15:1A:94:BF:CF:52:87:90:6D:7B:B0:FD:24:25:B5:4D:77:19:DA:7A:EF:5B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dobbysadventure.xyz
www.actop.com
aenigma.app
www.agricola33.com
amsprojects23.co.za
www.amsprojects23.co.za
www.asapstudies.com
link.bipsoin.fr
auth.bogoseo.net
bole-bole.com
share.bole-bole.com
booksmyssrp.com
www.booksmyssrp.com
bridgingdivides.lk
carolandleo.com
docs.aigateway.cequence.ai
covid19.cheart.io
club-roots.co.uk
karalist.cmouse.app
basheer.co.in
vsrgroups.co.in
jetpaketyazilim.com.tr
soccer.comounexperto.com
www.crawlsec.com
www.designem.io
dominicpocaan.dev
www.dominicpocaan.dev
eject.io
slingshot.enlinquental.com
api.foodmycraft.com
fordze.com
fortunecarz.co.nz
studente.futuri.education
galaxyforge.org
www.app-referrals.genuineimpact.io
pwa.goodmovesapp.com
www.himalayparmar.com
soictvnhuy.id.vn
www.italyexpat.com
www.itapx.com.au
jandme.in
kingly-projects.com
admin.kiotalogistics.com
app.kiotalogistics.com
teclab-demo.klarway.com
ok.klev.org
www.learnthemenu.org
www.levonkesh.com
www.m18.tech
miotx.com
mysalesapp.online
www.mysalesapp.online
www.neonappstudio.com
neverhappy.net
blog.niima.cloud
incart.nine42.com
www.novartdesign.com
oathero.com
www.octobertide.net
www.orian.solutions
arkanoid.otherg.com
mobilize.outfox.ai
padmaodzerchoeling.in
piri-cup2021.pirika.app
www.eternal.pp.ua
propertycarecalifornia.com
www.radiotania.com
ratnakarworld.com
realtimetypeapprovals.com
realtradeinc.com
relogiomundial.com.br
resistenciaselectricasomegamty.com
reviselebanon.com
app.rockitship.co
saatanaan.fi
www.sainiphysios.com
salesmrkt.com
savindiranaweera.dev
auth.shopinzon.com
insights.shopmyinfluence.com
solanasystem.com
www.ssucamps.com
app.startuparena.asia
stephrems.press
swl.surprise.com
calendar.swpotato.one
system-9-games.com
teunpijnappels.nl
www.theafricanmanpodcast.com
ledger.thegriffonssaddlebag.com
themrtcreations.com
www.thenexigent.com
scientific.theorygenerator.com
thewealthflow.co
kinect.tixologi.com
travelbazartour.com
boletos.uanl.mx
viraltrade.in
admin.work.life
www.yozo.co.jp
Other domains in certificate