Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=pure-lessive.fr
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
December 16, 2025
Valid Until
March 16, 2026
40 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CD:D3:10:8D:67:56:89:77:83:B3:68:72:12:A0:85:C9:03:06:97:41:27:58:99:97:22:B9:1A:72:38:DE:80:AF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
watfbc.org
*.watfbc.org
332a.net
*.332a.net
accala.com
*.accala.com
arcteryxoutlet.com
*.arcteryxoutlet.com
*.ww25.arcteryxoutlet.com
*.ww38.arcteryxoutlet.com
arksafetyproducts.com
*.arksafetyproducts.com
bitcoinafrica.com
*.bitcoinafrica.com
*.helpdesk.bitcoinafrica.com
*.random.bitcoinafrica.com
blinque.me
*.blinque.me
chatspn.com
*.chatspn.com
classicstainedoflv.com
*.classicstainedoflv.com
coxsackievirus.de
*.coxsackievirus.de
e85.com.au
*.e85.com.au
*.ww38.e85.com.au
eldruneq.com
*.eldruneq.com
jointbell.com
*.jointbell.com
*.random.jointbell.com
kappersaanhuis.be
*.kappersaanhuis.be
*.random.kappersaanhuis.be
*.bi.lapote.net
*.entreprise.lapote.net
*.hostmaster.lapote.net
*.insights.lapote.net
lapote.net
*.lapote.net
*.mail.lapote.net
*.mail1.lapote.net
*.sip.lapote.net
*.sipinternal.lapote.net
*.test.lapote.net
*.visualize.lapote.net
*.ww.lapote.net
*.ww38.lapote.net
lisaannstalentmanagement.com
*.lisaannstalentmanagement.com
maylu.com
*.maylu.com
mazdacanada.com
*.mazdacanada.com
orderstatusvspone.com
*.orderstatusvspone.com
pure-lessive.fr
*.pure-lessive.fr
shpck.de
*.shpck.de
suppoort.me
*.suppoort.me
*.ww38.suppoort.me
*.random.toplesschefs.com.au
toplesschefs.com.au
*.toplesschefs.com.au
*.random.unitysouthernenvironmental.com
unitysouthernenvironmental.com
*.unitysouthernenvironmental.com
*.ww25.unitysouthernenvironmental.com
*.random.victoriasercert.com
victoriasercert.com
*.victoriasercert.com
vulvakrebs.de
*.vulvakrebs.de
whirlpoolparts.co.uk
*.whirlpoolparts.co.uk
*.random.yourfinancialfortress.com
yourfinancialfortress.com
*.yourfinancialfortress.com
yourstreetwearplug.com
*.yourstreetwearplug.com
zhulixia.com
*.zhulixia.com
ztt44.com
*.ztt44.com
zztt006.com
*.zztt006.com
Other domains in certificate