Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
C=CH, ST=Zürich, L=Zürich, O=ABB Asea Brown Boveri Ltd, CN=waf-abb-cert08.abb.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
December 17, 2025
Valid Until
April 29, 2026
102 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
B3:AA:A9:67:FD:08:B8:6B:2E:32:25:98:19:E2:4F:BA:B0:D9:15:E7:2B:1B:9B:71:D3:D2:CA:F0:BF:85:FF:E9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
'max-age=31536000; includeSubDomains; preload' always
Content-Security-Policy
Basic
default-src; script-src; connect-src; +3 more
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
99 domains
businesscard.abb.com
ccrp-light.abb.com
cms-ascc.abb.com
combiners.abb.com
configuratorsso.abb.com
e-mobility.abb.com
easyproweb.abb.com
econfigure.abb.com
envision.abb.com
insurance-risk-management.abb.com
ipower-license.abb.com
mobileappsourcecode.abb.com
multiscan.abb.com
ordertracker.abb.com
procure.abb.com
solstice.abb.com
test-ascc.abb.com
trackandtrace.abb.com
waf-abb-cert08.abb.com
www226.abb.com
www242.abb.com
access.motion.abb.com
api.ccrp-light.abb.com
api.combiners.abb.com
dev.ccrp-light.abb.com
dev.combiners.abb.com
dev.easyproweb.abb.com
dev.empower.abb.com
dev.procure.abb.com
docweb.econfigure.abb.com
ebusiness-dev.it.abb.com
ebusiness-qa.it.abb.com
ecommerce.industrialsolutions.abb.com
econfigure.xe.abb.com
fracas.motion.abb.com
gwa001.it.abb.com
leanoffice.pl.abb.com
loyalty-rewards.th.abb.com
maintenancedata.motion.abb.com
management.multiscan.abb.com
multiscan.stage.abb.com
mxp.turbo.abb.com
onecare.motion.abb.com
otcweb.econfigure.abb.com
re460monitoring.traction.abb.com
salesforce.coursefinder.abb.com
singledriveconfigurator.fi.abb.com
smart-home-configurator.mybuildings.abb.com
stage.ccrp-light.abb.com
stage.combiners.abb.com
stage.easyproweb.abb.com
stage.empower.abb.com
stage.myportal.abb.com
stage.ordertracker.abb.com
stage.procure.abb.com
stage1.myportal.abb.com
test.businesscard.abb.com
test.combiners.abb.com
test.configuratorsso.abb.com
test.easyproweb.abb.com
test.www112.abb.com
tnb.ca.abb.com
training.empower.abb.com
tripcurves.econfigure.abb.com
uat.procure.abb.com
vault.multiscan.abb.com
waftest.it.abb.com
api.access.motion.abb.com
backend.mxp.turbo.abb.com
dev.access.motion.abb.com
dev.api.ccrp-light.abb.com
dev.api.combiners.abb.com
dev.fracas.motion.abb.com
management.multiscan.stage.abb.com
new.welcome-configurator.mybuildings.abb.com
stage.access.motion.abb.com
stage.api.ccrp-light.abb.com
stage.api.combiners.abb.com
stage.ecommerce.industrialsolutions.abb.com
stage.onecare.motion.abb.com
stage.re460monitoring.traction.abb.com
stage.singledriveconfigurator.fi.abb.com
stage.smart-home-configurator.mybuildings.abb.com
tacteo-configurator.eu.mybuildings.abb.com
test.api.combiners.abb.com
dev.api.access.motion.abb.com
dev.new.welcome-configurator.mybuildings.abb.com
stage.api.access.motion.abb.com
stage.new.welcome-configurator.mybuildings.abb.com
test.new.welcome-configurator.mybuildings.abb.com
www.busch-jaeger.at
api.smart-home-configurator.my.busch-jaeger.de
baustellenplaner.busch-jaeger.de
dev.community.busch-jaeger.de
manuals.busch-jaeger.de
smart-home-configurator.my.busch-jaeger.de
tacteo-configurator.my.busch-jaeger.de
www.busch-jaeger.de
www.busch-jaeger.nl
Other domains in certificate