Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=demo-capacitor.suvila.ch
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 07, 2025
Valid Until
March 07, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E1:F4:71:82:70:6A:6A:0F:8C:F3:D7:CC:11:11:BC:10:79:AB:C2:57:A7:24:4F:D6:5B:1C:86:CC:9E:A7:CB:E8
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
walmarthealth.braid.health
store.180-bh.com
acemedicine.in
ad.adaptivemedia.tech
www.ajwaservices.ae
www.alexsze.technology
alivetoworship.org
pmp.dev.amanotes.net
app.aquabill.website
www.archeosit.it
www.armys.xyz
admin.askgodswill.com
local.askgodswill.com
go.aspasiaphilosophy.com
app.balley.io
www.beonbuy.com
f.bloc.asia
links.careerscloud.in
cbdata-dev-kiosk.cbdata.cz
steam.cinde.org
www.cohortopia.care
ldv.com.vn
www.connorstreng.com
www.crennect.com
www.daispot.com
studentlink-demo.digischoolapp.com
ducdao.io
fbox.flicked.com
www.foru.fan
www.frietroulette.be
fx712.xyz
www.goiartec.com.br
gravity-ops.com
admin.gymbook.in
hammergen.net
link.illust.ar
introvertbond.com
www.laboratoriodaluna.com.br
investors.larva.cloud
www.lisalab.it
www.lucasmbraz.com
user-auth.messcat.ai
griboff24.mk.ua
www.mkglobalhorizons.com
nyssc.most.org
mudanzascrespochiclana.es
peliculas.informacion.my.id
www.naturalfa.hu
portal.nithyakrishnacrackers.com
www.ohmyheckmarketing.com
www.okuloskop.com
fire-staging.olioex.com
omnisnexus.fi
vapiano-duesseldorf.menu.operate-app.com
link.cien.or.kr
pave-the-way.work
www.pianodoremi.com
pixelflurry.com
www.event.pointant-app.com
i.recehan.id
rexnrio.com
rockii.in
www.sabrinaandjesus.com
app.seedtospoon.net
sevavision.com
expense.shafkhan.com
shortformfunnels.com
signifiant.jp
smartboardlearning.com
auth.snakcity.com
www.sophiethescout.com
auth.stage.sportinghood.com
www.srxcoin.com
bookstore.stevenkaung.com
stripebooks.com
www.sultan-stl.com
demo-capacitor.suvila.ch
bodamejiabeltran.swanmoments.com
z.systemunknown.com
szabobeata.hu
taf16.com
tamarjoba.site
tasting-planner.com
m.tastr.us
theshoeslucky.com
www.tifand.co.uk
tnert.dev
top-garage-jovic.ch
www.tradonado.com
www.tuneapp.co
www.usemieo.com
www.vaddakh.ru
beta.venthere.net
www.vernonsmiles.com
password.vitoresende.dev
waterlatam.com
webess.co.uk
whatis.us
vrt-staging.winston-analytics.com
zharco.com
Other domains in certificate