SSL Certificate Analysis for www.bunudhungana.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=cfslinks.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

December 12, 2025

Valid Until

March 12, 2026 65 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

43:81:4A:8A:C2:CE:BC:DA:1F:62:8D:AD:15:EA:16:8F:03:1E:3C:0F:F9:47:60:BD:FC:0A:C3:7C:86:62:A2:24

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

www.bunudhungana.com

Other domains in certificate

akut-med.de

uncaptcha.alasdaircasperd.com

www.alrashidconstruction.com

www.anyonecanfundraise.com

www.apereira.ca

staging.api.appjusto.com.br

www.ashwija.com

app.bdpedidos.com.br

jerezdigital2024.bracelit.es

calcfast.app

link.cartoes.digital

cfslinks.com

customer.chocolateteddies.com

api.click-defeat.com

www.wealthtick.co.in

www.comm-tool.com

cloud.consibio.com

portal.datawarehousegh.com

deepakvadgama.com

www.discoversalemacademy.com

eaglebox.studio

toys.el-darto.net

electricsine.com

eurovision.esony.net

www.ezora.co

www.focalintelligence.com

fsdmaps.com

pagos.futuralabs.mx

gachenot.eu

gdsc.app

ega.geneowebapp.com

getelephantcpa.com

getwulu.com

giomiccio.com

globaltouch.icu

gtmtls.co

encuestas.gvgarbal.com

helgorian.com

hellophysics.com

hottlabs.com

www.inventariopia.com

irishmaintenance.com

watch-tv.jesuseyitan.com

jly.app

www.jugendkompass.com

juliocastillo.dev

kanekohifuka.com

www.keithloughnane.com

kensingtonregeneration.org

www.kido-freiburg.de

kisscalls.com

playground.kistorm.com

my.leelalife.com

lubarbers.com

mariovelasquez.dev

mcastilleja.com

memeplex.app

mgma-mm.org

moin.work

moneymio.ai

www.moppu.com

portal.negashi.se

bankozk.neoufitness.com

nrubio.fr

spm.numerously.com

www.oxpure.tech

phimethod.com

piertopinsurance.com

piertoprealestate.com

prontotv.pronto.es

www.proshooters.app

demo.reveknew.app

www.roseusfox.com

www.rwabyte.com

cv.santi.dev

sarsatechpk.com

shastraaura.com

shenanigifs.app

smartpay21.com

sooperbooks.com

spotip17an.es

scratchandwin.sqwadhq.com

summerbasehart.com

drhafizur.sundiabetescare.com

injective.swapfast.app

www.the-arkive.com

theneuveda.com

dev-interface.theos.fi

www.thesantacruz.app

dash.tooq.me

console.treepodia.com

links.ulocal.co

www.verenigdamsterdam.nl

admin.walliance.eu

checklist.waylogtech.com.br

econ-app-dev.int.weeswares.com

womanintheroom.com