Open
Cached
·
just now
75/100
SECURITY SCORE
Certificate Information
Subject
C=CN, ST=ZheJiang, L=HangZhou, O=Alibaba (China) Technology Co., Ltd., CN=*.aliexpress.com
Issuer
C=BE, O=GlobalSign nv-sa, CN=GlobalSign GCC R3 OV TLS CA 2024
Valid From
May 14, 2025
Valid Until
June 15, 2026
224 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B4:B3:4C:1B:94:C3:28:28:26:51:1F:41:64:3E:1C:3D:F0:BF:AF:1E:9A:2E:E8:3E:02:F2:F6:DC:77:BD:EC:C6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
Forward Secrecy
Limited
(Check cipher configuration)
Warnings
- • TLS 1.3 is not supported (recommended)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
93 domains
aliexpress.com
*.aliexpress.com
*.acs.aliexpress.com
*.ae.aliexpress.com
*.aecategoryadmin.aliexpress.com
*.alimebot.aliexpress.com
*.allinone.aliexpress.com
*.ar.aliexpress.com
*.ascp.aliexpress.com
*.br-learning.aliexpress.com
*.br.aliexpress.com
*.cainiao.aliexpress.com
*.chuangyi.aliexpress.com
*.click.aliexpress.com
*.cobra.aliexpress.com
*.componentlibs.aliexpress.com
*.connect.aliexpress.com
*.crm.aliexpress.com
*.csp.aliexpress.com
*.datamatrix.aliexpress.com
*.de.aliexpress.com
*.dispute.aliexpress.com
*.dos.aliexpress.com
*.es-university.aliexpress.com
*.es.aliexpress.com
*.finnet.aliexpress.com
*.fr-learning.aliexpress.com
*.fr.aliexpress.com
*.fuwu.aliexpress.com
*.gds.aliexpress.com
*.gearbox.aliexpress.com
*.global.aliexpress.com
*.he.aliexpress.com
*.id.aliexpress.com
*.interactive.aliexpress.com
*.it-university.aliexpress.com
*.it.aliexpress.com
*.ja.aliexpress.com
*.ko.aliexpress.com
*.m.aliexpress.com
*.media.aliexpress.com
*.member.aliexpress.com
*.nl.aliexpress.com
*.origin.aliexpress.com
*.payment.aliexpress.com
*.pl.aliexpress.com
*.posting.aliexpress.com
*.pre-datamatrix.aliexpress.com
*.pre-sycm.aliexpress.com
*.prepub.aliexpress.com
*.pt.aliexpress.com
*.ru-university.aliexpress.com
*.ru.aliexpress.com
*.russia-university.aliexpress.com
*.russia.aliexpress.com
*.seller.aliexpress.com
*.siteadmin.aliexpress.com
*.sycm.aliexpress.com
*.th.aliexpress.com
*.tr-university.aliexpress.com
*.tr.aliexpress.com
*.trendyol-university.aliexpress.com
*.trendyol.aliexpress.com
*.university.aliexpress.com
*.us.aliexpress.com
*.vi.aliexpress.com
*.wapa.aliexpress.com
*.workstation.aliexpress.com
*.ae.alibaba.com
*.aliexpress-media.com
*.cdn.aliexpress-media.com
*.src.aliexpress-media.com
*.aliexpress-service.com
*.aliexpress-tech-open.com
aliexpress.fr
www.aliexpress.fr
aliexpress.ge
*.aliexpress.ge
*.acs.aliexpress.ru
aliexpress.ru
*.aliexpress.ru
*.ascp.aliexpress.ru
*.bops.aliexpress.ru
*.click.aliexpress.ru
*.dev.aliexpress.ru
*.fortress.aliexpress.ru
*.mixer-pre.aliexpress.ru
*.seo.aliexpress.ru
aliexpress.us
*.aliexpress.us
*.click.aliexpress.us
tmall.ru
*.tmall.ru
Other domains in certificate