SSL Certificate Analysis for link.huerzeler.app - Security Grade & TLS Configuration

Open Cached · just now

78/100 SECURITY SCORE

Certificate Information

Subject

CN=www.codecraftedphysics.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 26, 2025

Valid Until

February 24, 2026 79 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B2:43:B5:20:9C:C0:69:86:52:1C:1F:96:64:39:FC:F9:B9:88:E8:A5:F7:E2:73:08:EF:EB:FD:38:91:DA:0B:9D

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Weak

require-trusted-types-for; report-uri; object-src; +3 more

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Present

ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Significantly strengthen CSP directives
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

link.huerzeler.app

Other domains in certificate

www.2compare.net

acomodeme.com.br

agilernd.com

anroy.ai

aslangroup.ca

bcast.world

beststore.app

www.brandandimagestudio.com

calcmei.com.br

www.captionpal.org

www.codecraftedphysics.com

beta.communoo.com

www.composersreference.com

www.danielbreault.art

www.decisiontreekt.com

demusclefactory.com

www.dunati.com

ecosys.app

test.ef3047.ch

plataforma.estadium.in

eyeofthetiga.com

fightmyticket.app

app.floa.com

www.forevermidwest.com

www.fuglebingo.dk

np-staging-web1.getlychee.link

hchltd.co.nz

e-learning.houseofdev.tech

www.itmrav.com

jogo-app.com

jurjenbraam.nl

kaankahraman.com

getapp.kaching.ai

wishlist.kawadev.net

tungsten.kirari.app

www.lidhiumjs.com

littlecitytreat.com

liveliveapp.dk

logixmena.com

looky.cloud

www.maminds.life

www.maxclosets.com

mcmaestranza.cl

meetsuzie.com

www.miles2go.in

www.milumino.app

mindstance.in

admin.minilemon.com.au

agglo-royan.montri.fr

nazeerfresh.com

netleo.pl

www.niren.jp

onepercentdeal.ca

onstage-vr.com

app.onusify.com

version2.pabloporto.me

penzion-w.cz

perasusa.app

admin.pingnwin.com

puredrvn.com

spot.rezidnet.com

rodrigosilvafolio.com

www.sahkotk.fi

salamasec.com

scratchfy.com

selfie-jagten.dk

qa.chat.sellia.com.mx

management.shiseidothestore150.app

app-dev.site-ymobile.net

sked.ai

soliditycorp.com

starpropertiz.com

learn.stem.one

www.stsdeliverysolutions.ca

studioballon.it

talenticatree.org

www.telawa.app

theatrix.app

kolpo.next.timyst.com

top7reasons.com

www.trevelo.app

trusty.li

cypher.wharton.upenn.edu

uptimeiq.xyz www.uptimeiq.xyz

colloqui.uzakotim.com www.uzakotim.com

victorandree.se

villa-onyra.fr

stg.visits-innovators.com

licenses.volleystation.com

app.writerelease.com

yachtly.ae

www.yamadajirushi.co.jp

fiberbox.yanartech.com

yekola-lingala.com

developers.ysd.co.jp

beheer.zzcoldstores.com