Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.benjamin-morelle.fr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A7:F7:45:9F:2E:1B:07:5C:30:D7:38:7B:28:5F:68:9E:2E:70:38:A5:BD:5B:6E:75:75:B0:5D:A6:92:3B:9C:4F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
aiot.no
100pfws.com
tracking.1shipping.in
1super.app
3-d.app
acg.hn
adsnaps.app
agsat.app
allriteproducts.com
bekoeurope.alpwcm.com
console-legacy.staging.ampify.io
www.arumastudios.es
www.atessati.com
www.benjamin-morelle.fr
bensarah.us
pre.bimmeet.app
bingo-lingo.art
admin.blindleister.de
christymoormann.com
lockstore.co.id
www.codelesstraveled.com
preview.aglomeracija-sinj.com.hr
onmobilekids.com.ni
bilbao.corntech.com.mx
vivo.cotesma.coop
cre8tivit.com
www.devicedb.app
diatonic.ro
watch.donaldo.dev
doseme.app
judge.educationawards.ie
elph.ca
www.ezfit.app
firerp.app
gaustadveien23.garasjeplasser.no
dl.geome.io
www.gs-bernau.de
harleyshampstead.london
hilios.ai
hkpujara.in
stockvilla.indiandevelopers.org
embuffet.app.infi.us
www.insaid.eu
www.intellinova.net
seguroindemnizatorio.inter.mx
jkmindustries.in
www.jobdev.be
kasanagroup.in
app.kraaft.co
duck.kunath.co.nz
securit.leonbenz.de
ligur.io
www.loftyapps.com
www.mastersoft.si
menulib.com
moons.com.pe
admin.motus-melior.hr
dashboard.movtest.net
bhinneka1945.my.id
nilenergy.es
scd.order.place
saanvi.org.in
www.saanvi.org.in
paddlers.co.uk
zeelplanner.performolabs.com
www.peruho.com
www.plaidrabbit.xyz
outplayhq.plugapp.net
treasurehunt.protoapp.net
controller.racios.consulting
demo.redacted.ai
www.rumx.app
sadiqulislam.net
auth.smknu1karanggeneng.sch.id
simpleclub.uk
skick.io
skuratovich.art
smsy.ninja
hioflekser.snapmentor.no
soulcrest.online
universidadcientifica.tcontur.pe
www.texjourney.com
www.thechosen.eu
link.ting-jia.cf
www.toprealtyspace.com
torche.io
liverpool.tracking.photos
app.truf.company
uniunite.in
verificapaspartu.vantea.com
vargas.ooo
vercert.io
thuphap.vinadesign.vn
www.vinijlawfirm.com
visualintellect.co
www.volttisolar.com.br
writingresearchexchange.net
xmanstudio.com.au
xmasapp.co.uk
app.staging.yuno.immo
Other domains in certificate