Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=funnels.devcoreapps.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 27, 2025
Valid Until
December 26, 2025
43 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E7:7D:A5:BA:AE:95:5E:51:3A:2F:88:5C:5F:63:F3:C0:1C:6A:B7:8D:B2:45:0D:6B:C9:9C:21:8A:C1:B1:35:5B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
ssl.com
comodoca.com
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
Wildcard CAs
comodoca.com
digicert.com
; cansignhttpexchanges=yes
letsencrypt.org
pki.goog
; cansignhttpexchanges=yes
ssl.com
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 5 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
100 domains
zebuetrade.com
actualte.tech
www.aswathyrajc.com
autoclinicsyria.online
avocadoidle.fun
azamas.dev
auth-firebase.balcaoautomotivo.com
butikasistan.com
www.butikasistan.com
carseekeu.com
cassidywebservices.co.uk
cemozkaynak.com
cloudtion.com
asogroup.com.ua
www.contandocomigo.org
cryptox.kg
cymba.events
funnels.devcoreapps.com
dmklogistics.in
dotktech.com
www.downallocation.com
portal.dynamu.co
edusustenabil.ro
www.edusustenabil.ro
admin.enjizha.com
staging.enjizha.com
tech.enjizha.com
enohealthcarefoundation.org
exosolar.app
fin-mapssolutions.com
www.flavourly.app
facilita.fleps.com.br
dev-new-app.frntdr.com
gurubhavisyam.com
himalayanspicesandherbs.com
azizicommercial.homewalkers.com
hayan.homewalkers.com
oauth.humanity.org
chatfile.hungda.net
agri-flyer.ier-prod.jp
www.infection.education
layer1.janction.ai
jayalathconstructions.com
www.jayalathconstructions.com
prep.jobbase.site
joose.digital
www.joose.digital
joose.live
www.joose.live
joose.works
josfox.education
dev-app.jumpdata.co.uk
www.keuxe.com
keyera.co
kidskops.com
www.kidskops.com
kikkawadesignshitu.com
land-department.landchain.online
user.landchain.online
www.leonardorocha.ai
annuaire.lepoool.tech
littlebeestore.com
lpkmedia.com
www.lpkmedia.com
maheshatech.com
majet.food
auth.movfascia.com
www.murtazaautos.com
app.bkapbekasi.my.id
bkapbekasi.my.id
myquranclass.org
next-reviews-booster.com
nyca.ci
www.ouluairport.fi
quickcash.paisa108.com
pomosound.com
popgate.bar
www.popgate.bar
postmakerai.site
ptyconsult.com
quicktree.jp
retrospaceagency.com
alpha.rlcofva.org
beta.rlcofva.org
liberty.rlcofva.org
travel-log.projects.saliyabandara.dev
alpha.samani.ai
dialog.site-mills.com
sonaliabelhekar.in
content.soulgate.io
tanamaoservico.com.br
www.taskcrum.com
cdxlviii.tibas.media
pcb.owner.topshelfrm.com
isp.virtualhasan.com
viwanda.africa
mopiku.webredirect.org
www.wijschattenuwwoning.be
www.yukooshima.jp
zivotopis-online.sk
Other domains in certificate