Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
C=CH, ST=Zürich, L=Zürich, O=ABB Asea Brown Boveri Ltd, CN=waf-abb-cert13.abb.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
November 21, 2025
Valid Until
September 15, 2026
243 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
69:E2:9A:07:09:46:74:6A:41:D4:6E:4F:0B:72:AC:BB:90:46:7F:36:7E:AF:5E:67:73:51:D7:FD:BD:0D:2B:0B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
99 domains
chatbots.abb.com
dima.abb.com
elsp-digitalproduct-resources.abb.com
enclosedswitches.abb.com
insideplus.abb.com
insite.abb.com
itct.abb.com
library.abb.com
lvsdata.abb.com
productid.abb.com
smarttracker.abb.com
travel-vacation-nam.abb.com
waf-abb-cert13.abb.com
www1000.abb.com
admin.chatbots.abb.com
admin.itct.abb.com
api.dima.abb.com
api.enclosedswitches.abb.com
api.insite.abb.com
api.itct.abb.com
api.legacybridge.abb.com
api.library.abb.com
be.easyproweb.abb.com
beacon.license-management.abb.com
de.easyproweb.abb.com
dev.chatbots.abb.com
dev.dima.abb.com
dev.elsp-digitalproduct-resources.abb.com
driveinsight.motion.abb.com
edda.motors.abb.com
engineering.itct.abb.com
external.infrastructure-monitoring.abb.com
external.productinformation.abb.com
idg.ch.abb.com
insideplus.stage.abb.com
mobile.genetec.abb.com
publish.library.abb.com
qa.dima.abb.com
resources.library.abb.com
robo-resolve-genius.robotics.abb.com
stage.drivehub.abb.com
stage.productid.abb.com
technicalreporting.motion.abb.com
test.projectspace.abb.com
test.travel-vacation-nam.abb.com
uam.library.abb.com
webimages.imagebank.abb.com
xc-s-zw06026.xc.abb.com
admin.dev.chatbots.abb.com
admin.technicalreporting.motion.abb.com
admin.welcome-configurator.mybuildings.abb.com
api.docweb.econfigure.abb.com
api.driveinsight.motion.abb.com
api.engineering.itct.abb.com
api.otcweb.econfigure.abb.com
api.re460monitoring.traction.abb.com
api.salesinfo.drives.abb.com
api.tripcurves.econfigure.abb.com
api.uam.library.abb.com
ch.welcome-configurator.mybuildings.abb.com
dev.api.dima.abb.com
dev.driveinsight.motion.abb.com
dev.edda.motors.abb.com
dev.goselect.motion.abb.com
dev.onecare.motion.abb.com
new2.welcome-configurator.mybuildings.abb.com
qa.api.dima.abb.com
stage.api.legacybridge.abb.com
stage.ar.drivehub.abb.com
stage.edda.motors.abb.com
stage.studio.drivehub.abb.com
stage.technicalreporting.motion.abb.com
stage.test.drivehub.abb.com
stage.uam.library.abb.com
test.edda.motors.abb.com
test.uam.library.abb.com
ws.library.e.abb.com
admin.new2.welcome-configurator.mybuildings.abb.com
api.ch.welcome-configurator.mybuildings.abb.com
api.dev.driveinsight.motion.abb.com
api.dev.salesinfo.drives.abb.com
api.new2.welcome-configurator.mybuildings.abb.com
api.stage.driveinsight.motion.abb.com
elb.ws.library.e.abb.com
int.ws.library.e.abb.com
stage.admin.technicalreporting.motion.abb.com
stage.function-getserviceactionform.drivetune.motion.abb.com
wiring-diagram.new2.welcome-configurator.mybuildings.abb.com
dev.api.drivesize.abb-drives.com
qa.api.drivesize.abb-drives.com
api.customizing.busch-jaeger.de
api.smart-ip-configurator.my.busch-jaeger.de
api.welcome-configurator.busch-jaeger.de
customizing.busch-jaeger.de
welcome-configurator.busch-jaeger.de
quotes.cylon.com
www.gfi.ca
id.abb
stage.id.abb
Other domains in certificate