Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=heartickets.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
70 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BD:58:40:0D:25:21:EB:A1:EB:EE:EA:80:4B:FC:E0:13:7A:17:21:7E:FF:D4:8A:BB:1F:A0:87:04:F3:02:A5:6B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-VBmCyEFrDpO039gaU2LCRw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
s.picasso.md
abbysage.com
app.aerox.fit
airzoneholidays.com
aivero.site
www.alectoai.com
ashilink.ashiken.jp
www.atticconsulting.com
autrack.online
bimobi.app
bitelogr.com
blowgummies.com.br
portal.camino.solutions
admin.casaproletaria.com
tgbots.casual-craft.org
formulario-web-cambios-y-devoluciones.cc-irdigital.pe
chatxbuy.com
chirpsweet.com
auto-crud.clifland.in
mentanova.co.in
coastcruz.com
www.coconutapp.co
app.courtsync.io
dhobighar.co
diversdiscount.com
qcumba.dwsaas.co.uk
easycnh.com.br
enferlain.dev
stage-blue.immi.enigmarnd.com
managecbpsr.enscygen.com
www.enscygen.com
company.ensvee.com
www.escaperoomstatenzaal.nl
ft-rd.com
fundimo.com.au
ghostcastatore.store
globalonlinesolutions.in
iwitness.glytch.cloud
haro.jp
heartickets.com
hebrew-semantle.com
heikatang.icu
www.heikatang.icu
www.hmade.uk
import-uat.hotwax.io
zinit.hoenmike.io.vn
checkout.iorderai.com
jiesdesign.com
jornadarpa.com.br
khroza.com
www.khroza.com
demo.topoguidepro.kleak.dev
krysx.com
www.krysx.com
krysxlifesciences.com
www.krysxlifesciences.com
kwikpost.art
lumper.app
luoling.icu
cyber.luwaktech.com
luxride.bg
app.melodisto.com
www.michaelbakerportfolio.com
app-links.mobyyou.com
biz.myhouselab.kr
naturaltribe.com.co
newsflow.asia
identity.koru.dev.nhattq.asia
koru.dev.nhattq.asia
link-accountech.nibo.com.br
no1charcoal.xyz
oaimstudio.com
backoffice.oceanidesconsulting.com
onyxballoon.com
www.oriforce.vn
patooworld.com
www.patooworld.com
deliveries.pikipiki.co
optoasia.qls.vn
qnext.me
www.rajagobalan.com
rangebook.golf
rentvec.com
aarb-ems.rosoftsavvy.app
samcopharmaceuticals.com
speakingathome.pl
suppy.com.co
widget.surv.ly
cms.tastematch.app
thwu.me
tigermou.com
invoice-dev.tiime.app
toma.ae
vaddakh.ru
web.vanglar.com
apps.vel.cc
www.vibralgo.com
www.yinxuyw.icu
yinxuyw.icu
www.zerobyheart.com
Other domains in certificate