Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=biv-demo.klarway.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
50 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6B:52:36:62:BC:F7:3B:EA:81:60:66:63:BB:D1:2F:E2:D6:E8:22:F7:0C:66:35:1E:0C:7B:69:3F:F1:90:04:D1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
headlinesmagazine.com
www.headlinesmagazine.com
toppave-admin.acuizen.com
clinic.alini.ro
sharebabble.airbabble.appetiserdev.tech
www.appsmith.app
arion.aviapartner.aero
rider-web.basis-staging.bike
www.benleedesigns.com
www.bijdragen.com
www.bitloops.app
borbalo.ge
www.bossauto.it
www.breakingthetreaty.com
brokemyscreen.com
www.cabaretflamenco.com
calculo360.cl
sabic-lbv.cao.app
www.carolynsilver.com
www.chakravarthisoap.com
demo.chatbot.gallery
admin.copyzilla.ai
www.covidnow.us
www.dappy.pro
www.deangelisosteopata.it
www.docrobin.net
test02.dragonmetrics.cn
www.e-graft.com
entelechia.net
www.enwetech.com
eventjunctionchennai.in
ba.faundry.biz
fidalpuglia.it
fitifyworkouts.com
www.fixmyphone.shop
tracking.fleetviu.com
gdl4.foodle.su
forgingfreedom.us
www.forgingfreedom.us
www.fredericbruniquel.com
galaxy-agency.ru
devfest.gdgporto.xyz
glocalgroup.in
www.goboop.me
eliza.test.graphite.space
www.card.horehronie.sk
battututru.huyenkhongtamnguyen.com
ikiu.xyz
dev.inclineedu.org
sccbysurajsir.indiandevelopers.org
demo.stage.infomail.it
saltyrim.inseat.menu
student-success-demo.ischoolconnect.com
jeffscaturro.me
jizzmonks.com
www.kanagrid.com
teambuilder.kindbeetle.ru
biv-demo.klarway.com
spacepatrol.kvaba.xyz
tracking.laking.tv
lecrin-sauvage.fr
leonardolima.art
locketcamerabeta.com
lucky-strike.cash
mayeleven.in
www.mcdelivery.nl
about.mentorme-online.com
prayers.mileschristi.org
www.mpbikeclub.com
nesso.nesso.app
notachatbot.org
afi.fkdb.or.id
outwitoutplayoutlast.app
patriborrallo.com
11521486.peerly.app
lbsf.policyrocket.app
portal.posre.info
pre-compass.com
dev.propo.fm
regulars.win
links.testing.ridealto.app
justanotherbookmarkfolder.romantique.jp
rotacredoficial.com.br
the.semkins.ru
www.shubb.it
demo.sportango.co
jintomo.spwn.jp
botiga.suitefeedback.com
mta-sts.sycle.app
www.tabi-o-ji.com
www.talleratres.com
qai.tanara.dz
tangelder.com
www.thrifttella.com
thrivedev.net
pr3v13w.tynn.dev
gbeans.tyrlen.org
www.westerncanadiangamewarden.com
members-staging.work.life
xgoogler.de
Other domains in certificate