SSL Certificate Analysis for dev.fracttal.com - Security Grade & TLS Configuration

Open Cached · just now

93/100 SECURITY SCORE

Certificate Information

Subject

CN=*.fracttal.com

Issuer

C=US, O=Let's Encrypt, CN=E8

Valid From

January 01, 2026

Valid Until

April 01, 2026 55 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

ECDSA-SHA384

SHA-256 Fingerprint

67:A5:C2:D9:32:A0:2D:75:09:62:7B:F4:1F:4A:E0:21:A8:6C:69:F6:13:29:F8:6D:A0:66:C3:86:C0:1B:96:D8

Alternative Names

10 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Excellent

max-age=31536000; includeSubDomains; preload

Content-Security-Policy

Basic

upgrade-insecure-requests; script-src; child-src; +10 more

upgrade-insecure-requests; script-src 'self' 'unsafe-inline' 'unsafe-eval' data: https://*.alejo.com https://*.fracttal.com https://*.totango.com https://aistudio.fracttal.com https://ajax.cloudflare.com https://app.getbeamer.com https://app.intercom.io https://*.customer.io https://code.gist.build https://cdn.segment.com https://cdn.socket.io https://cdn.socket.io https://chatdev.fracttal.com https://fracttal-ai-dev.s3.amazonaws.com https://fracttal-ai-dev.s3.amazonaws.com https://fracttal-community-paris.s3.eu-west-3.amazonaws.com https://fracttal-community.s3.amazonaws.com https://fracttal-deploy-s3-paris.s3.eu-west-3.amazonaws.com https://fracttal-deploy-s3.s3.us-east-1.amazonaws.com https://fracttal-dev-paris.s3.eu-west-3.amazonaws.com https://fracttal-dev.s3.amazonaws.com https://fracttal-fs-paris.s3.amazonaws.com https://fracttal-fs-paris.s3.eu-west-3.amazonaws.com https://fracttal-fs.s3.amazonaws.com https://fracttal-fs.s3.eu-west-3.amazonaws.com https://fracttal-paris-fs.s3.eu-west-3.amazonaws.com https://js-na1.hs-scripts.com https://js.hs-analytics.net https://js.hs-banner.com https://js.hscollectedforms.net https://js.hsforms.net https://js.intercomcdn.com https://js.intercomcdn.com https://maps.google.com https://maps.googleapis.com https://mng-ui-prod.s3.amazonaws.com https://mng-ui-prod.s3.eu-west-3.amazonaws.com https://mng.fracttal.com https://mngdev.fracttal.com https://pod-13-sunco-ws.zendesk.com https://pod-13.zendesk.com https://sonar-community.fracttal.com https://sonar.dev.fracttal.com https://sonar.dev.fracttal.com https://static.cloudflareinsights.com https://static.getbeamer.com https://static.zdassets.com https://tonybot-ai-paris.s3.eu-west-3.amazonaws.com https://tonybot-ai-paris.s3.eu-west-3.amazonaws.com https://tonybot-ai.s3.us-east-1.amazonaws.com https://widget.intercom.io wss://pod-13-sunco-ws.zendesk.com; child-src https://intercom-sheets.com https://fast.wistia.net https://intercom-sheets.com https://player.vimeo.com https://www.intercom-reporting.com https://www.youtube.com; style-src 'self' 'unsafe-inline' https://*.fracttal.com https://aistudio.fracttal.com https://app.getbeamer.com https://app.getbeamer.com https://cdn.segment.com https://chatdev.fracttal.com https://fonts.googleapis.com https://openlayers.org https://static.intercomassets.com; img-src 'self' 'unsafe-inline' blob: data: https://*.fracttal.com https://*.ggpht.com https://*.googleapis.com https://*.intercom-attachments-1.com https://*.intercom-attachments-2.com https://*.intercom-attachments-3.com https://*.intercom-attachments-4.com https://*.intercom-attachments-5.com https://*.intercom-attachments-6.com https://*.intercom-attachments-7.com https://*.intercom-attachments-8.com https://*.intercom-attachments-9.com https://*.intercom-attachments-9.com https://*.customer.io https://*.totango.com https://aistudio.fracttal.com https://app.getbeamer.com https://chatdev.fracttal.com https://downloads.intercomcdn.com https://flagcdn.com https://forms.hsforms.com https://fracttal-ai-dev.s3.amazonaws.com https://fracttal-ai-dev.s3.amazonaws.com https://fracttal-community-paris.s3.eu-west-3.amazonaws.com https://fracttal-community.s3.amazonaws.com https://fracttal-deploy-s3-paris.s3.eu-west-3.amazonaws.com https://fracttal-deploy-s3.s3.us-east-1.amazonaws.com https://fracttal-dev-paris.s3.eu-west-3.amazonaws.com https://fracttal-dev.s3.amazonaws.com https://fracttal-fs-paris.s3.eu-west-3.amazonaws.com https://fracttal-fs.s3.amazonaws.com https://fracttal-paris-fs.s3.eu-west-3.amazonaws.com https://fracttales.zendesk.com https://gifs.intercomcdn.com https://js.intercomcdn.com https://maps.google.com https://maps.gstatic.com https://messenger-apps.intercom.io https://mng-ui-prod.s3.amazonaws.com https://mng-ui-prod.s3.eu-west-3.amazonaws.com https://p13.zdusercontent.com https://static.getbeamer.com https://static.intercomassets.com https://static.zdassets.com https://tonybot-ai-paris.s3.eu-west-3.amazonaws.com https://tonybot-ai-paris.s3.eu-west-3.amazonaws.com https://tonybot-ai.s3.us-east-1.amazonaws.com https://track.hubspot.com https://uploads.intercomusercontent.com https://avatars.githubusercontent.com https://user-images.githubusercontent.com https://v2assets.zopim.io https://video-messages.intercomcdn.com https://www.gravatar.com https://www.gstatic.com; media-src https://js.intercomcdn.com; font-src 'self' data: http://fonts.intercomcdn.com https://*.fracttal.com https://aistudio.fracttal.com https://app.getbeamer.com https://chatdev.fracttal.com https://fonts.googleapis.com https://fonts.gstatic.com https://js.intercomcdn.com; form-action https://intercom.help http://*.internal.fracttal.com https://*.fracttal.com https://api-iam.intercom.io https://app.getbeamer.com; default-src 'self' blob:; connect-src 'self' blob: data: https://*.fracttal.com https://aistudio.fracttal.com https://api-iam.intercom.io https://api-ping.intercom.io https://api.intercom.io https://api.segment.io https://assets1.lottiefiles.com https://assets3.lottiefiles.com https://*.cloud.gist.build https://*.getbeamer.com https://cdn.segment.com https://chatdev.fracttal.com https://dev-ccmha47qgmagop4f.us.auth0.com https://ekr.zdassets.com https://forms.hubspot.com https://fracttal-ai-dev.s3.amazonaws.com https://fracttal-ai-dev.s3.amazonaws.com https://fracttal-ai-dev.s3.amazonaws.com https://fracttal-community-paris.s3.amazonaws.com https://fracttal-community-paris.s3.amazonaws.com https://fracttal-community-paris.s3.eu-west-3.amazonaws.com https://fracttal-community.s3.amazonaws.com https://fracttal-community.s3.eu-west-3.amazonaws.com https://fracttal-deploy-s3-paris.s3.eu-west-3.amazonaws.com https://fracttal-deploy-s3.s3.us-east-1.amazonaws.com https://fracttal-dev-paris.s3.eu-west-3.amazonaws.com https://fracttal-dev.s3.amazonaws.com https://fracttal-fs-paris.s3.amazonaws.com https://fracttal-fs-paris.s3.eu-west-3.amazonaws.com https://fracttal-fs.s3.amazonaws.com https://fracttal-paris-fs.s3.eu-west-3.amazonaws.com https://fracttal.eu.auth0.com https://fracttales.zendesk.com https://maps.google.com https://maps.googleapis.com https://mng-ui-prod.s3.amazonaws.com https://mng-ui-prod.s3.eu-west-3.amazonaws.com https://nexus-websocket-a.intercom.io https://nexus-websocket-b.intercom.io https://pod-13-sunco-ws.zendesk.com https://pod-13.zendesk.com https://roads.googleapis.com https://tonybot-ai-paris.s3.eu-west-3.amazonaws.com https://tonybot-ai-paris.s3.eu-west-3.amazonaws.com https://tonybot-ai.s3.us-east-1.amazonaws.com https://uploads.intercomcdn.com https://uploads.intercomusercontent.com https://zendesk-eu.my.sentry.io wss://dev.fracttal.com wss://nexus-websocket-a.intercom.io wss://nexus-websocket-b.intercom.io wss://one.fracttal.com wss://pod-13-sunco-ws.zendesk.com wss://pod-13.zendesk.com; worker-src 'self' blob: *.fracttal.com; frame-src 'self' https://*.fracttal.com https://*.intercom.io https://371psd0fr0zk.statuspage.io https://aistudio.fracttal.com https://app.getbeamer.com https://chatdev.fracttal.com https://intercom-sheets.com https://maps.google.com https://maps.googleapis.com https://push.getbeamer.com https://view.officeapps.live.com https://www.intercom-reporting.com/; frame-ancestors 'self'

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Present

same-origin

Permissions-Policy

Present

geolocation=(self), camera=(self "https://chatdev.fracttal.com"), fullscreen=(*), microphone=(self "https://chatdev.fracttal.com"), clipboard-read=(self "https://chatdev.fracttal.com"), clipboard-write=(self "https://chatdev.fracttal.com")

Recommendations

• Improve CSP by adding more specific directives and removing 'unsafe-inline'

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

10 domains

*.fracttal.com *.app.fracttal.com *.beta.fracttal.com *.dev.fracttal.com *.drp.fracttal.com *.internal-dev.fracttal.com *.internal.fracttal.com *.mgdev.fracttal.com *.mng.fracttal.com *.sesgo.fracttal.com