Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
C=FR, ST=Île-de-France, L=Rueil-Malmaison, O=Schneider Electric Industries SAS, CN=www.schneider-electric.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
December 18, 2025
Valid Until
October 06, 2026
261 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
87:E7:C0:98:B5:36:39:9C:E7:7C:E0:CD:3C:9B:13:CA:B1:73:5D:99:3F:26:1A:34:54:52:E7:23:1C:B2:43:5A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=31536000; includeSubDomains
Content-Security-Policy
Basic
form-action; object-src; frame-ancestors; +3 more
form-action 'self'; object-src 'none'; frame-ancestors 'none'; frame-src 'none'; script-src 'self'; base-uri 'self'
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(self "https://dashboard.xcelgo.com/"), ambient-light-sensor=(self "https://dashboard.xcelgo.com/"), autoplay=self, camera=(), encrypted-media=self, fullscreen=*, geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vr=()
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
94 domains
dashboard.xcelgo.com
licenseapi.xcelgo.com
globalprm.ascopower.com
info.ascopower.com
my.ascopower.com
synergy.ascopower.com
trackwise.ascopower.com
www.automationsquare.com
api.centeron.net
apibeta.centeron.net
auth.centeron.net
authbeta.centeron.net
dispatch.centeron.net
webview.centeron.net
wirelessmonitoring.centeron.net
www.centeron.net
www.eliwell.com
privat.elko.no
proff.elko.no
www.elko.no
www.elko.se
www.lifesf6free.eu
www.nxtcontrol.com
www.pmutraining.com
www.proface.com
www.profaceamerica.com
staging-br.proleit.com
staging-de.proleit.com
staging-es.proleit.com
staging-nl.proleit.com
staging.proleit.com
testing.proleit.com
webdemo.proleit.com
testing.proleit.com.br
testing.proleit.de
testing.proleit.es
testing.proleit.nl
www.pensions.schneider-electric.co.uk
conextinsight.schneider-electric.com
ezlist.schneider-electric.com
iportal2.schneider-electric.com
itjpncert.schneider-electric.com
schneider-electric.com
www.schneider-electric.com
clienti.schneider-electric.it
venditori.schneider-electric.it
consultas.schneiderelectric.es
my.schneiderelectricrepair.com
altivar-efficiency-calculator.se.app
diageo.ecostruxure-plant-lean-management.se.app
ecostruxure-building-operation-sta.se.app
swap0.ecostruxure-plant-lean-management.se.app
swap1.ecostruxure-plant-lean-management.se.app
swap2.ecostruxure-plant-lean-management.se.app
swap3.ecostruxure-plant-lean-management.se.app
swap4.ecostruxure-plant-lean-management.se.app
tools.se.app
uat.ecostruxure-building-operation-sta.se.app
blogespanol.se.com
e-fakture-api-rs.se.com
e-fakture-rs.se.com
enable-service-public-api.se.com
eole-bi-qa3.se.com
eole-int1-web.se.com
eole-prod-web.se.com
idoctos-mx.se.com
itedgeconfigurator.se.com
paip.se.com
paipdev.se.com
seifoundation.se.com
servicestools.se.com
ssp.se.com
test-e-fakture-api-rs.se.com
test-e-fakture-rs.se.com
test-ssp.se.com
testwebsite002.sealz-dit.se.com
w3.squared.com
www.tscautomate.com
clientapp.zenatix.com
dashboard.zenatix.com
device.zenatix.com
gitlab.zenatix.com
logos.zenatix.com
mender-dev.zenatix.com
mender.zenatix.com
notifications-ses.zenatix.com
notifications-sms.zenatix.com
passwordreset.zenatix.com
schedules.zenatix.com
sify-public.zenatix.com
support.zenatix.com
telemetry.zenatix.com
teleport.zenatix.com
www.zenatix.com
Other domains in certificate