Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=auth.pulfy.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 04, 2025
Valid Until
March 04, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AB:B5:9B:24:C0:DB:DD:01:4C:B3:7B:0D:DB:4D:4B:26:46:DB:AB:F9:4E:75:53:31:27:19:95:E7:44:C2:CE:1D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
staging.1v1.lol
adarshchakraborty.in
ai-tutor.ru
admin.stg.arcanagame.app
archebyte.com
app.astralbills.com
awakeningstrength.co.uk
tourcoingvolley.deeplinks.bfansports.com
munasher.bhata.in
widget.binds.co
www.brandatelier.in
brt2.org
kbtf.cavemantraining.com
www.clarizegroup.com
kb.admin.staging.codewell.ai
briteping.britenet.com.pl
www.dataformation.app
www.dixyindia.com
www.zoom-webinar.ds-giken.com
edelsah.com
api-dev.ehlo.space
testnet.esdt.market
famatch.io
www.fanbuzz.io
nasconmobil.felporgetve.hu
www.findmynext.space
flamingocukraszda.hu
www.flyvendas.com.br
gleence.com
www.hinduprayers.app
humanest.jp
init-power.com
wtw.portalcliente.izii.io
help.kahu.work
www.v3.keeganwoodburn.com
snake.klima.rocks
user.api.letprompt.com
mj.linkwodin.com
www.lumlum.co.za
playnow.macrowars.com
meymoona.ai
auth.midi-mixer.com
api.monotony.app
familjebostader.demo.movello.se
fantasticfrank.demo.movello.se
musicforyourday.ca
municomerciobellavista.mybiznez.app
mylock.es
novartdesign.com
oktomark.de
ombrasc.io
staging.api.ondagoapp.com
reservation.onlineapp.cc
eval.paulprice.dev
www.phonesync.app
www.picnic.zone
www.pieterjanse.nl
www.podfwd.com
lpny-1205.porcupine.live
portme.app
api-dev.proper-ly.com
auth.pulfy.com
analytics.qa101-raksul.me
www.quizejogosonline.com
admin.qventana.com
www.relforcesolutions.com
www.reskilling.net
rkdentalclinic.com
www.sabrinaruehl.de
faultti.saimaasolutions.fi
shoppic.app
www.shouldigetacat.info
skilledmatica.com
dev.sneaks.world
guides.spext.co
lg.spiders.fun
support.spotline.app
www.stelath.site
corp.sycle.app
et160.tcontur.com
decode.thedesignofyou.com
bagagli.toscanadasogno.com
link.trivians.net
site.destinosinteligentes.tur.br
upgradesapp.com
us-canteen.com
hic.dev.usemason.com
www.usereliability.com
meta.test.vaulted.com
vejmartin.com
village.villie.co
widget.vizury.com
dev.vojo.com.br
www.vycepynachod.cz
www.wanderingcastle.net
staging.web.support
www.whereisgodinla.com
test1.xcape.in
www.zesrubu.cz
zura.com.ar
Other domains in certificate