Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.faruv.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
16:46:7F:BC:F6:8A:FD:ED:58:89:E3:3E:92:B8:60:3D:1B:C5:F7:FC:84:5B:32:5C:0A:5B:6F:FE:1E:B5:2A:88
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
validacionpucemanabi.com
ph.1800flynow.com
abextransport.com
www.aguasierracazorla.be
www.ainexas.com
emr.alleviationtherapeutics.com
zeroqbot.appsaur.com
ashwik.com
awakeprobiotics.com
beonbuy.com
oem.autoevmart.blubirch.com
perk.bluvern.com
bucklescan.com
staging-disputes.buslane.com
cankilic.com
hysan-lg1.carnotinnovations.com
www.caseyenglishstory.com
chamoliphysio.com
clairebotman.id.au
instore.clienteller.com
consmart.in
crossan.net
www.dataventures.ca
daves.bar
www.daves.bar
defmap.network
die-katzenkuschlerin.de
dev.mis.c21school.edu.kh
ekopsan.com
app.faruv.com
www.feedback.exchange
galerias.findupix.com
admin.flamabirrayburgers.com.ar
flamabirrayburgers.com.ar
fortitudewomensgym.com.au
gaugler.family
leaderboards.giflytics.com
simulador.habitamaster.com
simule.hamanncorp.com
spie-wuppertal.kapion.de
chijin.koujii.jp
learousevents.in
pimaster.matrixengagementgroup.com
www.mattholy.com
auth.mfests.com
migueldelagarza.dev
www.murrayspellingbee.com
app.myvitalsvault.com
parampara-utsav.namastey.co
www.ndhdp.lk
dreamcode.net.br
newlegacyit.com
nexor.network
www.nexor.network
kochbuch-test.nijo.dev
about.ntapi.xyz
nubifica.co
www.opportunitiesforzimbabweans.com
cedarcyvargas.org.br
parkinglesalqueries.com
paula-gallikova.com
punjabductcleaning.com
www.punjabductcleaning.com
hm-v2.qasoftsolution.com
misa-dev.qasoftsolution.com
quizzone.no
test-signup.qwi-did.io
www.rafiulhasan.com
api.referberry.com
reveurcritique.com
www.ricardomejiastravieso.com
saadmobile.com
www.scanningcars.com
scorpiancrackers.com
see-in-ar.com
seetoapp.com
shoppra.com
www.simaspeaks.com
sitmopanels.com
street-ttl.com
app.strengthlog.com
sypath.com
takereply.com
targetprops.com
taylormwilliams.com
techganah.com
thelinehauler.com
thomashuntsman.com
timo-dobbrick.de
ultrakitech.com
www.ultrakitech.com
mobile.unikuni.com
veagdemo.vacantvectors.com
verisys.network
usergroup.viscuit.com
wasconser.com
wedpy.com
yasmin-silva.com
yayilsin.com
zumradio.com
Other domains in certificate