Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=creations-bois.ch
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 08, 2025
Valid Until
January 06, 2026
44 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FE:D0:8F:B2:71:F9:1B:C3:50:B4:E3:BB:A9:C9:58:3A:99:B3:F7:ED:E4:5C:6C:CE:6D:5A:B3:6E:3E:52:20:69
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
connect.mu
www.22q11northernireland.co.uk
www.730kingsley.com
abilways-eu.com
accountant.world
auth.alinaspanish.com
allthatjazzsoda.co.uk
appointment.ambivo.com
www.bandai-tcg-onlinelobby.com
docs.bitsrc.io
www.cmaz.io
www.pridesolutions.co.in
app.deliquick.co.kr
coachingrennais.com
staging.omv-well-flow-rates.cogniteapp.com
farmherd.com.np
creations-bois.ch
www.davidbuenov.com
cadmus22.ddns.net
apparel-website-demo.dee-studio.com
uniboard.deepb.co
www.destopesto.gr
bv.dev.br
l.devpegasusinseego.com
zia.doesntexist.ru
api.staging.fitkit.app
www.gauravsh.com
gig.bio
stroom.gkcenturion.co.za
helixpoem.com
app.heyandes.com
www.iclynx.com
vutienthang2k4.id.vn
www.igia.se
dashboard.itky.in
www.jbinas.com
blocks.jethrowilliams.com
jhrtech.uk
www.josw.in
www.kiagranby.com
story.kreatebots.com
legaltec-peru.com
www.lionell.me
www.lisakon.id
mindling.io
app.mismarapp.com
room.monetix.io
mrewebsolutions.com
configurador.muntbikes.com
alexandre.harano.net.br
card.nfc.mn
docswa.nuverax.com
oficinamilitar.com.br
app.okroo.com
onlinedroptaxi.com
cp5647908733976576.order.place
otftracker.com
analytics.overdriveviral.com
papel.games
admin.park-nav.com
a3000chords.pocketutilities.com
puyufarma.com
www.quantifai.co.uk
www.qvyshift.com
www.r2social.com
remacon.fi
share.repeatbox.de
email-images.reverbnation.com
qa.nova.labs.rle.de
link.dev.rovertms.com
portal.rvive.app
rzcareer.com
sapc.in
seanmcquaide.com
www.seitenfuerlevke.de
www.shanninc.com
www.showbarn.app
siguetuclub.com
singularitypressurewashing.com
skypeaklimited.com
soliact.net
solnary.com
www.c4c.ssbyte.com
app.thinka.hk
topchannelletters.com
triviaready.com
trlcoin.com
twigflicker.com
vahanprahari.in
euro.valoratual.com.br
test.vantag3d.live
velotafons.fr
www.verdegranel-ec.com
staging.storybook.vezham.com
skazki.vladisman.ru
windowalls.in
yamakiroku.page
dubaiexpo.zaack.io
zierolf.net
www.zugoe.com
Other domains in certificate