Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=peinture-amc.fr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 06, 2025
Valid Until
February 04, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1F:41:F1:63:A2:30:8F:5C:2D:71:BD:68:B5:4E:71:00:F0:46:5C:1B:06:27:7C:9B:0E:F4:B7:88:C6:20:15:FF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
blueridgeunita.com
hon-unit-config-test.3dcloud.io
www.3dwhiteboard.com
99batteries.com
www.ac-initiative.com
algorythms.ca
www.alguienquemequieremuchomeharegaladoestapagina.com
games.amazbit.com
anguard.ar
ariiveindia.in
orders.asquaregokarting.com
front.bocani.com
agent.bryngup.com
www.cadafalesdavid.es
kallakurichi.citydroptaxi.com
thiruvallur.citydroptaxi.com
thepacksoft.cloudframework.app
marmaravinc.com.tr
www.conf-bashedu-fmit.ru
cristianpandele.com
www.customjournalapp.com
www.dawnflix.in
www.dekadaprintworks.com
dietsodasoftware.com
dinner.dev
eastcoastcleanservices.com
dotfiles.eieio.xyz
elevatinglogic.com
direct.herlambang.eu.org
disposal.fleetwms.com
furrbud.com
www.gasolinaagora.com.br
gsshaykot.tech
www.hannahandandrew.com
daniel.hasbon.top
highlandsdigital.au
apps.hirmer-hospitality.de
www.husktech.net
www.ianloic.com
icabbi.dev
ichafruits.com
nda.id.vn
idraulicoagallarate.it
link-tin-shing.jec-digital.com
www.jumpnexus.org
jupiter-brilliant.com
clientes.k-9apps.com
online.kavilpadikkaldevi.org
letspop.to
lucernewater.ch
ghcontributions.luizp.ninja
www.masquepinturascortegana.es
accounts.matee.xyz
www.mentalni-kompas.com
www.metpolymer.com
www.mindtunesoft.com
molecularmedicals.com
momentumsocks.com
links.mycolors.com
www.mypartsmart.com
neural.blue
socialbits.nextbee.co
niveshartha.com
preview.norwoodeveninggardenclub.com
olenasaki.com
auth.padhaikaro.in
pagoseldorado.com
peinture-amc.fr
pelusita.app
phamarosborne.info
www.preaching.app
prenotauncampo.app
propemedia.com
smartoffice.provingground.tech
www.racheljue.com
saksfifthavenue.com.au
sbmcorpinfo.net
www.serenakuo.com
shivamindustrynabha.com
meeting.skylar.ai
snowyapp.com.au
practitioners.somersetsurvivors.co.uk
spottyer.one
www.sssaroyal.in
sudameria.com
invoice.dev.swoof.me
vania-pann-maritim.talentlytica.com
tanglewoodlanding.com
app.tapappme.com
www.thecharette.app
tuhin.site
unaldenetim.com
auth.video-tagger.com
whatsonnear.us
wiqrafashion.com
www.workiji.com
yhztower.ca
yudainakazaki.com
zachmathewswriting.com
mta-sts.zipi.app
Other domains in certificate