SSL Certificate Analysis for random.funex.co - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=datrasportomoto.org

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 13, 2026

Valid Until

July 12, 2026 36 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

FD:26:48:DC:B2:9B:43:1B:01:99:62:2A:90:EB:04:0B:49:EE:E8:C6:38:75:26:ED:99:96:90:5C:A5:7A:AE:6C

Alternative Names

77 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

77 domains

funex.co *.funex.co *.random.funex.co

Other domains in certificate

correoscourier.click *.correoscourier.click

datrasportomoto.org *.datrasportomoto.org *.fr.datrasportomoto.org *.support.datrasportomoto.org

formacar.info *.formacar.info

*.absence.sjwxow.com *.absorb.sjwxow.com *.act.sjwxow.com *.action.sjwxow.com *.actual.sjwxow.com *.ad.sjwxow.com *.adjust.sjwxow.com *.adult.sjwxow.com *.advance.sjwxow.com *.advice.sjwxow.com *.adviser.sjwxow.com *.after.sjwxow.com *.aid.sjwxow.com *.aide.sjwxow.com *.air.sjwxow.com *.alive.sjwxow.com *.also.sjwxow.com *.alter.sjwxow.com *.angle.sjwxow.com *.angry.sjwxow.com *.approve.sjwxow.com *.assess.sjwxow.com *.attach.sjwxow.com *.auto.sjwxow.com *.baby.sjwxow.com *.back.sjwxow.com *.balance.sjwxow.com *.ball.sjwxow.com *.band.sjwxow.com *.bank.sjwxow.com *.barely.sjwxow.com *.bear.sjwxow.com *.below.sjwxow.com *.bend.sjwxow.com *.blade.sjwxow.com *.blame.sjwxow.com *.blood.sjwxow.com *.branch.sjwxow.com *.breathe.sjwxow.com *.brick.sjwxow.com *.broad.sjwxow.com *.cabinet.sjwxow.com *.cancer.sjwxow.com *.career.sjwxow.com *.cast.sjwxow.com *.cat.sjwxow.com *.cause.sjwxow.com *.ceiling.sjwxow.com *.central.sjwxow.com *.chytsz1.sjwxow.com *.hy2wz2.sjwxow.com *.hystz1.sjwxow.com *.hyt5z2.sjwxow.com *.hyupz4.sjwxow.com *.hyvaz2.sjwxow.com *.hyvnz1.sjwxow.com *.hyx5z2.sjwxow.com *.random.sjwxow.com sjwxow.com *.sjwxow.com

*.production.wuxi.bio *.random.wuxi.bio *.superset1.wuxi.bio wuxi.bio *.wuxi.bio *.www.wuxi.bio