Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.butterfi.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 20, 2025
Valid Until
March 20, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AC:75:18:53:D6:28:E1:B0:EC:1C:F0:D7:5D:5E:35:5C:52:27:80:36:1C:CF:B2:33:0C:0C:90:C6:BE:7D:C5:95
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
synaptiq.co
www.abulnes16.dev
m.amarstock.com
www.atelia-patrimoine.com
www.bloombud.co
brainchild.sg
red2.btartisticyoga.com
orair.bullet-mobile.store
app.butterfi.com
buzzhubs.com
cameroncanning.com
chavesasociados.com
staging.aalam.chennaicyclists.com
pushmgt.pizzahut.com.tr
dev.cybberline.io
www.ddbox.com.au
xuy.enkisser.space
auth.escapezilla.com
www.esportstechnologiesaffiliates.com
www.f3.events
grafikon.felporgetve.hu
app.fighterodds.ai
footprintsdesignstudio.com
app-ester.forextb.com
signup-stg.getsilt.com
www.glamslambraids.com
glinktest.com
grosswearegross.club
halifaxlive.ca
www.henryado.com
cam.hive.properties
hoftsoft.com
hudsdev.com
hvcomponentes.com.br
www.infyai.com
www.intelystate.ca
irajenya.com
www.iris-talk.com
www.jacobkubica.com
janporeba.com
jsworldwebstudio.com
jumpwirefx.com
kazandin.net
keeponroaming.com
kingofladder.com
ladybugandbee.jp
lanocha.jp
leapstep.org
invite.locamos.com
deckdesigner.lowes.com
www.lugal.xyz
luminora.pro
md-tech.in
mellonnet.com
inspired.missiontopsyche.org
partners.mywhyai.com
nazaninhamed2018.com
portal.nerri.ca
khachhang.nghienorder.vn
nikudoushi-fukushima2.com
nivelito.com
www.nivelito.com
nooreyni.com
www.novabounty.com
www.nutrisek.com
www.od-tech.my
www.orbet.io
chores.owenfam.org
web.pixley.app
pomofree.one
www.portstewartstays.co.uk
www.invites.pozoltech.com
www.quiz.prasunchakra.com
www.pratyush.dev
www.prettybigmonster.com
protectorsofbalance.games
admin-panel-dev6.qlub.cloud
dharmapuri.rainbowsdroptaxi.com
vegan-protein.raodix.com
www.react.guide
www.reuniondues.com
rhayes.ca
www.riyaflorist.co.uk
www.samrongroup.com
sdk.seja.best
www.sexgpt.org
shaunkirkwong.com
www.shihanstar.com
www.slevin.im
srvenibpiqvja4mx7bzy.smartimob.io
bodavallecierra.swanmoments.lat
www.thedatafiend.com
thinkcrazy.co
app.thrift.house
www.tokamani.site
app.tsudot.com
www.waleedf.com
sessions.yakoffice.app
study.ytylab.com
app.integration.yuno.immo
Other domains in certificate