Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=md.7mm.ch
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 22, 2025
Valid Until
December 21, 2025
35 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C2:1E:DA:9B:99:3C:8B:83:F0:31:61:41:E7:AC:BF:39:EB:AD:86:42:17:84:BC:A9:CD:EA:86:50:A6:DB:3B:42
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
rojobirria.com
video.1pitch.de
link.2befficient.fr
www.5ws.app
md.7mm.ch
www.adea.app
help.affilimate.io
www.amiisdivierome.org
metabots.basehit.com.br
www.bkstudios.it
candy-box.pl
www.carolyn.page
viemonie.chaw.dev
privacy.click4card.com
midniight.co.kr
fotos.portaria.condlink.com.br
connyonair.com
live.demov3.contentfabric.io
corder.tech
www.deliverynotes.net
www.demolering.tech
designfitout.com
www.easystory360.tools
hebahan.ecarikerja.my
uc-bcf.edu.ph
elyown.in
usemobile.empuls.io
documentation.equipass.fr
app.exhpay.com
www.fluttershapemaker.com
www.fmeee.ovh
www.freelancertogo.com
patchymap.fulfillwishes.de
getproperty360.com
gioco.com
www.gussev.com
gutts.de
www.hardwarewalletph.com
hestrohospitality.it
admin.hifrax.com
hrfile.hoshinoresorts.systems
it2000k69bka.id.vn
induxlabsinc.com
reports.intelliflowio.com
jarednewnam.com
jasonpacini.com
www.jasonpacini.com
www.kaitours.bike
www.keebsclubuci.org
kinesisjs.com
www.laisuatkep.net
lovemob.io
luxe-help.com
dylan.lzandar.com
prayers.mai.ie
mayin-kholon.com
www.medsur.cl
migrant.nu
mittelstand-lokal.de
boodschappen.mpenson.com
retail.mymoons.pe
fotomajhenic.myphotopal.shop
www.neuronomy.org
www.login.nursecare.ai
portfolio.oaks-lab.com
ba.octigo.pl
www.optimal-klima.hu
painelarbo.com.br
pcforme.org
next.pdr.cloud
pinkskillet.com
propertyassignment.ca
quprosolutions.com
rabeashrief.site
rahulnangare.com
www.rashtriyamilitaryschools.com
refundscout.app
restraa.in
resynq.net
riarkdigital.com
ttcontroltower-demo.webapp.rxo.com
securidrive.io
snirx.de
www.somoseasybots.com
www.spacewek.com
www.spoach.net
krishnagiri.ssddroptaxi.in
trichy.ssddroptaxi.in
adelitasbday.swanmoments.net
taxcrew.in
blog.technopresso.com
thebubble.telos.my
app.tenebit.co
testgaurd.com
no.ubitlogger.com
app.personalizatucorreo.uc3m.es
vediccouple.in
www.watkanloekwel.nl
fcm.web.id
wildtidegirlslax.com
Other domains in certificate