Open
Cached
·
just now
96/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
UNKNOWN=500 486 915, UNKNOWN={:asn1_OPENTYPE, <<19, 2, 70, 82>>}, UNKNOWN={:asn1_OPENTYPE, <<19, 20, 80, 114, 105, 118, 97, 116, 101, 32, 79, 114, 103, 97, 110, 105, 122, 97, 116, 105, 111, 110>>}, C=FR, ST=Ile-de-France, O=Lemonway, CN=www.lemonway.com
Issuer
C=GB, O=Sectigo Limited, CN=Sectigo Public Server Authentication CA EV R36
Valid From
October 06, 2025
Valid Until
November 05, 2026
191 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4E:9E:01:0F:5E:95:6E:3B:3D:70:C2:48:ED:6A:75:78:09:C4:A2:16:53:E9:E4:49:D8:70:4F:94:94:4D:D8:FB
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
no-referrer-when-downgrade
Permissions-Policy
Present
geolocation=(self), microphone=()
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts