Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
CN=condedynamics.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 17, 2025
Valid Until
February 15, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0C:57:C0:B1:90:19:08:F2:D8:4B:0D:6C:B5:D2:FC:2F:12:DC:EC:01:B6:94:6A:26:43:B1:09:29:47:44:C1:15
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=63072000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; child-src; img-src; +10 more
default-src 'none';child-src blob: 'self';img-src 'self' www.googletagmanager.com https://ssgtm.bergversetzer.ch data: 'self' *.googleusercontent.com https://maps.googleapis.com https://maps.gstatic.com *.bergversetzer.ch *.facebook.com platform-lookaside.fbsbx.com *.doubleclick.net;font-src 'self' https://fonts.gstatic.com;worker-src blob: 'self';script-src 'self' 'unsafe-eval' https://apis.google.com https://maps.googleapis.com 'unsafe-inline' https://www.googletagmanager.com https://ssgtm.bergversetzer.ch *.facebook.net *.facebook.com;style-src 'self' 'unsafe-inline' https://fonts.googleapis.com;frame-src 'self' *.firebaseapp.com *.youtube.com *.youtube-nocookie.com *.google.com ssgtm.bergversetzer.ch www.googletagmanager.com;frame-ancestors 'self';connect-src 'self' https://api.bergversetzer.ch/graphql cms.bergversetzer.ch *.geo.admin.ch https://securetoken.googleapis.com https://identitytoolkit.googleapis.com *.googleusercontent.com https://maps.googleapis.com *.google-analytics.com https://berghilfe.activehosted.com/proc.php ssgtm.bergversetzer.ch *.doubleclick.net *.facebook.net *.facebook.com;form-action 'self';object-src 'none';base-uri 'self';
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
bergversetzer.ch
bnq-alara-configurator-cert.3dcloud.io
ablecure.in
www.ackee.agency
adelenappimakeupartist.it
www.areashell.com
www.asialink.lk
db.aspevo.com
www.bigrobot.co
www.bonner.bio
boolan.dev
coblentz.dev
cardealership.cognitivecode.dev
amazon.commercedna.com
condedynamics.com
connectplaces.com.br
nineyards.deskbooking.app
app.do4meapp.com
dvredesign.in
site.easytripapp.com
www.emmardeinstitute.com
www.energywisegreen.com
link.epsor.fr
falconhorizon.net
zeus-test.fidelissd.com
money.fluin.io
www.fuelstop.io
app.getflowly.com
www.gianlucabarranca.it
domestic.ibranchrecruiters.com
www.inpractice.org
www.iot20k.com
www.jlegalthailand.com
info.kanaroom.com
admin.khanoo.com
leadershipsangha.com
www.leonardobianchi.com
www.linelevelaccounting.com
www.manacars.es
motiv-stage.mayamd.ai
demo--console.meiliiapp.com
mentalmercury.com
milkdromeda.dev
minted-lab.com
www.mixedblend.dev
next.n1c0l4.com
link-dev.netbinc.com
nibbot-tms.mx
www.nickhu.co.uk
notakshayp.in
www.nuovoforno1966.it
outfino.io
parvesh.au
pawpao.in
photondigital.in
opper.pinwout.com
praju.dev
app.prodmmd.com
dev.rajkinews.in
rakuten-cs.com
www.rashamahmouddesign.com
dev.rebekah-flora.com
db.recent-dentistry.com
tst.art.relyt.app
www.cha.art.relyt.app
sample.remotemonster.com
revisacarservice.com
www.robynjwall.com
rodfatherreels.co.nz
satinrosebeautysalon.com
www.shsilverstar.com
referrals.simplejobs.io
sinatragormansayido.com
auth.slyck.app
smgcs.in
www.softwaretx30.com
sonanttech.in
sport-oberwallis.ch
stoopteam.com
time.synpulse.com
agenic.synthexai.ai
techhiveco.com
technistudio.lk
terranovuss.com.co
www.thebloom.app
v2.themitchinghour.com
theshdp.org
www.thomassecretsanta.com
vendo-media.touchtech.com
tpltpodcast.com
trasksapp.com
udgoodlink.com
vectormonkeys.com
veebeed.com
waferlauncher.com
wheelof.fish
old.wheelofnames.com
www.workforages.dev
stg-app.zeca.ai
zillowlawfirm.com
Other domains in certificate