Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=gtmchannel.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 20, 2026
Valid Until
July 19, 2026
60 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D1:22:80:74:85:66:4B:04:FB:A3:4E:48:7E:EB:06:B0:70:E6:13:EF:F7:55:FC:78:EC:8D:91:F3:1F:0E:72:E4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
gtmchannel.com
*.gtmchannel.com
*.7b17b7f5-960b-4190-b12e-81fc673a15e4.gtmchannel.com
*.api.gtmchannel.com
*.app.gtmchannel.com
*.rd.gtmchannel.com
*.remote.gtmchannel.com
*.ww16.gtmchannel.com
blackburnelectrician.com
*.blackburnelectrician.com
*.fbyeawebmail.blackburnelectrician.com
*.servizi.blackburnelectrician.com
*.3odmg58cvjryhcx9.jamethoki.art
jamethoki.art
*.jamethoki.art
*.random.jamethoki.art
*.4103e5ca-2ddb-4213-a6ac-cb9e0aefd004.personalityfirst.io
*.4ea02a1b-7728-45b6-b456-d9f3768c9621.personalityfirst.io
*.admin.personalityfirst.io
*.api.personalityfirst.io
*.app.personalityfirst.io
*.assets.personalityfirst.io
*.demo.personalityfirst.io
*.dev.personalityfirst.io
*.jfwrmassets.personalityfirst.io
personalityfirst.io
*.personalityfirst.io
*.test.personalityfirst.io
*.admin.primeenergie.fr
*.administration.primeenergie.fr
*.alpha-ci.primeenergie.fr
*.analytic.primeenergie.fr
*.api.primeenergie.fr
*.app.primeenergie.fr
*.backend.primeenergie.fr
*.bi-uat.primeenergie.fr
*.blog.primeenergie.fr
*.cloud.primeenergie.fr
*.crm.primeenergie.fr
*.dashboard-preprod.primeenergie.fr
*.dashboard.primeenergie.fr
*.dashs.primeenergie.fr
*.demo.primeenergie.fr
*.dev.primeenergie.fr
*.entreprise.primeenergie.fr
*.frame.primeenergie.fr
*.gw.primeenergie.fr
*.hostmaster.primeenergie.fr
*.iframe.primeenergie.fr
*.imap.primeenergie.fr
*.insights-dev.primeenergie.fr
*.insights.primeenergie.fr
*.intranet.primeenergie.fr
*.laravel.primeenergie.fr
*.m.primeenergie.fr
*.mail.primeenergie.fr
*.mairie.primeenergie.fr
*.notexistsbackend.primeenergie.fr
*.notexistscrm.primeenergie.fr
*.notexistsdev.primeenergie.fr
*.notexistsiframe.primeenergie.fr
*.notexistslime.primeenergie.fr
*.partner.primeenergie.fr
*.portal.primeenergie.fr
primeenergie.fr
*.primeenergie.fr
*.pro.primeenergie.fr
*.prod.primeenergie.fr
*.remote.primeenergie.fr
*.report.primeenergie.fr
*.reporting.primeenergie.fr
*.s3.primeenergie.fr
*.shop.primeenergie.fr
*.staging.primeenergie.fr
*.store.primeenergie.fr
*.superset.primeenergie.fr
*.support.primeenergie.fr
*.telecommande.primeenergie.fr
*.tickets.primeenergie.fr
*.user.primeenergie.fr
*.v2.primeenergie.fr
*.vpn.primeenergie.fr
*.webmail.primeenergie.fr
*.ww.primeenergie.fr
*.ww38.primeenergie.fr
*.www.primeenergie.fr
*.wwww.primeenergie.fr
*.zllwowwww.primeenergie.fr
Other domains in certificate