Open
Cached
·
just now
89/100
SECURITY SCORE
Certificate Information
Subject
C=FR, ST=Île-de-France, L=Rueil-Malmaison, O=Schneider Electric Industries SAS, CN=www.schneider-electric.com
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
December 18, 2025
Valid Until
October 06, 2026
260 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
87:E7:C0:98:B5:36:39:9C:E7:7C:E0:CD:3C:9B:13:CA:B1:73:5D:99:3F:26:1A:34:54:52:E7:23:1C:B2:43:5A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000; includeSubDomains; preload
Content-Security-Policy
Basic
default-src; script-src; style-src; +11 more
default-src 'self' *.se.com *.schneider-electric.com *.google-analytics.com *.googleapis.com *.gstatic.com *.force.com *.salesforce.com tools.se.app *.se.app ezlist-qa.com *.schneider-electric.us *.se-apps.net https://ssl.gstatic.com *.cookielaw.org https://cdn.cookielaw.org https://www.se.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' *.se.com *.schneider-electric.com *.google-analytics.com *.googleapis.com *.salesforceliveagent.com cdn.jsdelivr.net jsdelivr.net *.se *.cookielaw.org https://cdn.cookielaw.org data:; script-src 'self' 'unsafe-inline' https://ssl.gstatic.com https://www.google-analytics.com *.salesforceliveagent.com *.cookielaw.org https://cdn.cookielaw.org; script-src-elem 'self' 'unsafe-inline' *.googletagmanager.com *.google-analytics.com https://ssl.gstatic.com https://www.google-analytics.com https://*.jquery.com https://cdnjs.cloudflare.com https://www.googletagmanager.com https://*.se.com https://*.schneider-electric.com https://*.se-apps.net https://s3.us-east-2.amazonaws.com/xref-partnumbers https://cdn.jsdelivr.net/gh/umidbekk/react-flag-kit@1/assets/BR.svg https://www.se.com https://*.amazonaws.com https://*.salesforceliveagent.com *.force.com *.salesforce.com *.cookielaw.org https://cdn.cookielaw.org; style-src 'self' data: 'unsafe-inline' 'unsafe-eval' *; style-src-elem 'self' data: 'unsafe-inline' 'unsafe-eval' *; object-src 'none'; connect-src *; font-src 'self' * data: *.se.com *.schneider-electric.com *.gstatic.com https://www.se.com; form-action *; frame-src 'self' *.se.app *.se.com *.schneider-electric.com; frame-ancestors *;
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Missing
Not configured
Recommendations
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
94 domains
altivar-efficiency-calculator.se.app
ecostruxure-building-operation-sta.se.app
tools.se.app
diageo.ecostruxure-plant-lean-management.se.app
swap0.ecostruxure-plant-lean-management.se.app
swap1.ecostruxure-plant-lean-management.se.app
swap2.ecostruxure-plant-lean-management.se.app
swap3.ecostruxure-plant-lean-management.se.app
swap4.ecostruxure-plant-lean-management.se.app
uat.ecostruxure-building-operation-sta.se.app
globalprm.ascopower.com
info.ascopower.com
my.ascopower.com
synergy.ascopower.com
trackwise.ascopower.com
www.automationsquare.com
api.centeron.net
apibeta.centeron.net
auth.centeron.net
authbeta.centeron.net
dispatch.centeron.net
webview.centeron.net
wirelessmonitoring.centeron.net
www.centeron.net
www.eliwell.com
privat.elko.no
proff.elko.no
www.elko.no
www.elko.se
www.lifesf6free.eu
www.nxtcontrol.com
www.pmutraining.com
www.proface.com
www.profaceamerica.com
staging-br.proleit.com
staging-de.proleit.com
staging-es.proleit.com
staging-nl.proleit.com
staging.proleit.com
testing.proleit.com
webdemo.proleit.com
testing.proleit.com.br
testing.proleit.de
testing.proleit.es
testing.proleit.nl
www.pensions.schneider-electric.co.uk
conextinsight.schneider-electric.com
ezlist.schneider-electric.com
iportal2.schneider-electric.com
itjpncert.schneider-electric.com
schneider-electric.com
www.schneider-electric.com
clienti.schneider-electric.it
venditori.schneider-electric.it
consultas.schneiderelectric.es
my.schneiderelectricrepair.com
blogespanol.se.com
e-fakture-api-rs.se.com
e-fakture-rs.se.com
enable-service-public-api.se.com
eole-bi-qa3.se.com
eole-int1-web.se.com
eole-prod-web.se.com
idoctos-mx.se.com
itedgeconfigurator.se.com
paip.se.com
paipdev.se.com
seifoundation.se.com
servicestools.se.com
ssp.se.com
test-e-fakture-api-rs.se.com
test-e-fakture-rs.se.com
test-ssp.se.com
testwebsite002.sealz-dit.se.com
w3.squared.com
www.tscautomate.com
dashboard.xcelgo.com
licenseapi.xcelgo.com
clientapp.zenatix.com
dashboard.zenatix.com
device.zenatix.com
gitlab.zenatix.com
logos.zenatix.com
mender-dev.zenatix.com
mender.zenatix.com
notifications-ses.zenatix.com
notifications-sms.zenatix.com
passwordreset.zenatix.com
schedules.zenatix.com
sify-public.zenatix.com
support.zenatix.com
telemetry.zenatix.com
teleport.zenatix.com
www.zenatix.com
Other domains in certificate