Open
Cached
·
59m ago
80/100
SECURITY SCORE
Certificate Information
Subject
CN=fugioapp.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 29, 2025
Valid Until
March 29, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
26:A6:15:41:A7:EC:09:A7:04:5D:3B:5A:3A:BA:5A:B7:04:71:72:34:B0:3B:70:72:C7:88:5B:EA:1A:96:73:BC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
rfcs.cloud
abxarlab.com
mp3juices.africa.com
albert-sobreo.com
alexjreyes.com
apps.alloagent.ai
properdrop.alpinefairways.ca
appsesoria.cat
www.authmonster.app
autoshkolladigjitale.com
bcagroupc.xyz
top6.beping.be
assets.beryl.cc
copse.biibiic.com
www.bitofgaia.com
official.bluesnakes.ai
bottenger.com
www.bottenger.com
chik-ai.com
chrispascarella.work
charmuadvocates.co.ke
www.codeclickers.com
codeglyn.com
www.ng.com.bo
orbit-staging.grain.com.sg
cricbolt.com
criticalstreams.com
login.dautucophieu.info
designweb.asia
www.detectiveword.com
doctoracarvajal.com
commit.droggol.com
www.easysmartagency.com
www.edea.cl
capital.edgetech.dev
www.edgetech.dev
enzophotobooth.com
www.enzophotobooth.com
ephimero.space
care.ept888.com
essentialhandymangeneralconstructioninc.com
www.etunepinceede.fr
docs.factoryio.com
fastways-logistics.com
www.fastways-logistics.com
federicomatovelle.com
portal.fitbadge.app
www.foxtrotcommand.com
fugioapp.com
bottleflip.games235.com
freekick.games235.com
sushiroll.games235.com
blog.gcchanoi.com
getbeesly.app
hotel.globalgarner.com
mega-brands.globalgarner.com
test-runap.parquesnacionales.gov.co
www.graditya.com
beta.gymstreak.com
haap.digital
ingomucoach.com
intstudydestination.com
www.itstrueorfalse.com
www.johannschramm.de
john-zhou.dev
juliocesarandtheband.com
www.juliocesarandtheband.com
apps.k-weather.com
app.labtest1.com
langems.com
michaelmund.ca
mmork.se
natmaps.com
open.newsongpeople.com
nukeology.com
app-cetro.otimize.app
s.otiskan.com
phcconsultancy.com
plexacare.com
www.powerai.io
auth.pozitifcv.com
www.raminaji.me
operator-patch.reliablepunching.com
app.satvicmovement.org
auth-staging.schoolai.com
www.seereena.com
brainquiz.singhteekam.in
syntaxshop.online
syuniknews.am
tacsystec.com
dev.techgup.com
thecollector.zone
time-boxed.app
triogmbh.de
vanterwis.ga
viajesfameyetanol.com
vicotechnology.com
xdevutilities.com
xn--semilleroparacientficos-jfc.com
yama-u.com
Other domains in certificate