Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=admin.fadenwerk-murten.ch
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 22, 2026
Valid Until
April 22, 2026
77 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
30:06:24:D3:45:6E:41:5C:CE:C6:55:0A:52:60:5B:AA:B6:2B:40:8D:20:5F:A9:36:DE:34:EF:73:F0:F0:18:EB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.baseleaf.co
info.aismov.com
akankhyasingh.com
amara-app.uk
www.aupesbox.com
avalonmart.com
www.bluuweb.dev
brightpeak.surf
www.brightpeak.surf
chama.direct
clinicosis.com
cats.cmrl.in
firebase.ridenow.co.kr
www.powerconnect.co.kr
mta-sts.cocoa.works
kelimezinciri.com.tr
constrengine.com
na.cradle.work
cruxible.co
dasmeshverma.com
demoportal.site
thegameawards.dreamwave.live
eazymarts.com
hanged.ebombo.io
eitsareshook.org
dev.operator.elxa.io
dev.vessel.elxa.io
www.emploitech.com
evalndt.com
app.expensif.app
admin.fadenwerk-murten.ch
www.fortum.lv
fractiv.ai
www.fractiv.ai
www.georgebrowning.net
pages.geotidestudio.com
goldkey.enterprises
grandwesson.store
test.hamsaspace.com
tutorlist.highskill.me
wbs.hingomdev.com
www.imemorize2.org
farmersgr.innovare-thai.com
www.inventconference.in
irastellarsoft.com
jjnetteam.hair
www.jjnetteam.hair
mwc-dashboard.jointogethergroup.events
almaneo.kinfri.online
almaneonft.kinfri.online
laisladrinks.com
www.leadory.fr
crm.lifecool.com.co
www.liziasmr.com
luda.rest
www.luda.rest
lugarrico.ng
mamacitafitness.com
marvingaye.com
medtecinno.com
admin.menuapp.online
menuapp.online
www.mifuturo.uy
www.nelco-network.com
inspira.noytrall.com
app.odontobb.com
olivemedicalhk.com
opulentdevgroup.com
cdc2.order.place
test-env.parkalot.io
www.profittracker.net
volamap.puchu.dev
www.rashiglow.com
ruchiraraagam.com
www.ruchiraraagam.com
starquest.co
startkeyvadi.com
stejbel.com
scsl.sticksports.com
sureaccounting.org
www.synergik.my
takeout.page
tcgscad.com
telcometa.com
links.dementia-dev.theprojectfactory.com
tpayne.ai
www.tpayne.ai
assets.tresastronautas.com
ubitlogger.com
omnipassportal.unboundorigins.com
vypple.com
www.vypple.com
whpioneers.autos
www.whpioneers.autos
formsched.xpotato.net
yayasanparaaulia.org
dev.yourappstudio.com
www.yyhub.lol
yyhub.lol
zamrudila.app
Other domains in certificate