Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=app.simulateur-locatif.fr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 19, 2026
Valid Until
April 19, 2026
86 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DB:DB:E0:AE:AA:66:15:D3:35:8C:75:5E:66:6D:59:F7:85:1F:01:BA:68:B9:46:0A:74:65:C9:30:55:06:72:9E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
app.meetsalty.com
10110.dev
aarondovey.com
reservoir-uat.acecap.com
alirtify.com
andrebono.com
asia3ctech.com
australiandebtsolvers.ava-systems.com
bellytobabydoula.com
app.belong.chat
up.bergmann.tech
static-gallery.bocist.com
bpmathews.com
www.c-orbis.com
www.callusat.in
www.castleexplorer.eu
www.clubtennisatpitt.org
wordhurdle.co.in
consulatenepal.pl
www.contactusnow.in
d-wilkinson.uk
www.davidjohn.pro
depmapper.com
shplist-s.dev-ltl-xpo.com
devtyde.com
www.drewsdiabetus.com
duarteich.com
duration.earth.haus
www.easytaxconsultancy.com
www.app.ekkiden.com
agrilelang.elevarm.com
www.elysium-chain.com
emradsinc.com
erkangunaydin.com
fatcatcoffee.com
competitions.fitpuli.com
www.foodieyak.com
ggx01006-012.gadabout.games
gamesfromthegarage.com
henryspickles.com
borja.hormigos.com
hotelsolana.com
imperiopisos.com
inthyanvi.com
www.intrainz.com
inv-vlate.invito.link
www.jakeandcatherine.com
audio.jemedia.org
kris-kay.com
kuroro.blog
spa.home-finder.kziete.cl
lambertseterrevyen.no
lilbitsofmagic.com
loahoctienganh.com
www.magadhmission.com
mascrmsolutions.com
merpnderp.com
mgfer.link
snakegame.michelleabbas.com
www.micronetech.com
emos.mudupay.com
www.mvxperience.com
www.shaper.napalmcustom.com
nerinaserra.com
nextmovie.us
nonagoncup.com
octavioanalytics.com.br
ogsewell.space
www.pades.com.br
phieudexuat.online
www.pickatune.nl
protalk.game
vendor-staging-beta.qlub.cloud
www.raskraspryanik.ru
raulmoya.es
realmstats.gg
recargatulinea.mx
rideberry.com
www.mensd3.rowanhockey.com
www.rumvalley.com
www.rustleren.nl
www.sarlemile.fr
web.savetracksa.com
shaftmotors.co.uk
app.simulateur-locatif.fr
sj-holidays.com
www.smilzz.com
portal.squidloyalty.ie
www.daniel.dev.sthima.com
sumitkumarr.com
samiexperimentation.tech4work.fr
pilatessalud.timp.io
udrugalogoton.hr
uksponsorlist.co.uk
app.unghosted.co
vbdesigns.net
visilaw.com
www.weddingring.mn
www.zerahtech.com
landing.zonaagraria.com
Other domains in certificate