Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=savings.tsoftware.ch
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 23, 2025
Valid Until
February 21, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C1:B4:4E:C7:3D:97:AA:CE:A2:B5:49:37:A1:FF:2A:CB:D1:30:C0:20:61:B0:41:DB:9B:CF:6F:A9:C4:AC:36:37
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.lollspace.com
c.0br1.io
www.accumulations.io
napoli.admi.com.ar
www.gabrielapavani.adv.br
adzine.io
alanpagzz.dev
alice.games
alumind.co.uk
billet.kystmuseet.dk.attraction1.ameroservices.dk
amies-app.com
angular-ph.org
www.angular-ph.org
antr.ee
usaflex.appshare.com.br
app.auskunft.de
preview.avatecmarine.com
www.becquee.com
www.beloz.com.mx
bewerbung-corinna.de
klueh.cateringportal.io
edu.clairityia.com
preprod.meu.clozzy.com.br
wed.studiorami.co.il
urbangarage.co.in
ss.opensourcelab.co.kr
col-us.com
coolingtowersservice.com
nibako-support.daihatsu.co.jp
demo-mb.tk
sql.dev-master.ninja
diskito.eu
dpgpuzzels.nl
bin-management-system.prod.ecgo.co
www.emmaline.co.nz
www.factsonclimate.org
www.farmakim.com.br
app.fubles.com
fuglu.net
stg.authentication.fullmarks.io
fullyone.com
huseyin.es
api.indicanet.com.br
weselpay.jeanhumblot.dev
www.jguedon.com
www.jimhortons.com
imhungry.junrae.com
justinwhitfield.info
www.kajaaniairport.fi
kollmar-angus.de
www.lfconnect.net
tv.livebd.me
www.longforme.com
business.man-al.com
pharmacie-dev.meditect.com
megahit.net
www.migrantvisa.co
mipuro.cz
custom.modernmapart.com
starmap.modernmapart.com
krac.mogaanatm.com
mortgageimpactpodcast.com
www.muradjouhari.com
quiz.mydynamicerp.com
join-dev.myvmeeting.com
app-sandbox.newslithq.com
www.newtechq.com
www.nlp4breakfast.com
admin.prod.supertutor.oakslab.dev
onedeveloperway.com
onyra.fr
ordinal-ascii.com
oudgoudverkopen.be
papershaven.com
patriciadeco.com
pawanmukati.com
www.platformheroes.net
www.prossell.online
publico.id
admin.racer.app
rc-f.reflection-method.com
rndrboss.com
ceramicdesignlab.rodruza.nl
www.rybot.eu
sarohaestates.com
sethriggenbach.com
shehryar.ae
siav.sistena.app
www.dev.sociallax.com
sonoradefensa.com.mx
storetracker.io
www.swipedrinks.app
tatweriah.sa
tetsuson2003.com
www.thatcomeup.io
test.jobs.tokhimo.com
scripts.terms.tordenapps.com
savings.tsoftware.ch
lyrics.ubobu.cz
vanburywedding.com
Other domains in certificate