Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=challengeceltic.fr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 03, 2025
Valid Until
February 01, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E9:91:FA:91:39:E9:5E:E0:74:C1:E0:D1:05:6D:C6:ED:79:4F:76:73:05:6C:DD:BA:D5:02:D5:BF:4D:73:2D:D3
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.huygensoft.com
www.addisonredmond.com
www.aiblocks.in
www.aiswarya.me
www.akemenid.com
jt-group-api-poster.alexward.xyz
admin-staging.analyticindex.com
angeli.dev
www.areadingwithpenelope.com
astraldelight.co.uk
sales.atyum.com
baseline.care
www.billboardfarsi.com
btemuulen.com
challengeceltic.fr
share.chptr.com
www.climatecallup.org
www.iyoga.co.in
auth.zenminder.cognuscraft.com
www.coolrunlimited.com
danflo.io
coincraft.detroitlabs.com
tariff-mgmt-s.dev-ltl-xpo.com
mumbai.developerweekend.org
app.diaconia.ro
doomhowl-interactive.com
door2move.nl
drdadds.com
review.dsmap.jp
www.enprometalurgica.com.br
itms-dashboard.enygma.ai
enypages.com
www.esmeraldaleiloes.com.br
www.fchapel.com
booker.framr.tv
frankfauci.com
getdimension.org
www.getkrakengames.com
gpxtracker.es
www.granitebug.com
backend.greenhillcapital.be
edenred.hai.bo
www.halocommodities.com
hatgeeks.com
www.heliosmetal.fr
helvetia-prive.ch
i.day
docs.iks-menu.ru
infinite.tennis
link-mei-lam.jec-digital.com
www.jornpipop.com
admin.kampnearme.com
khandrawong.com
kulezic.com
www.kunt.dk
www.light-desk.com
livesnitch.com
livraison-express.net
staging.loopcv.com
app.lorenzobaratti.it
lyact.com
io.m3dic.in
www.marmolesbernardo.com
verify.megajatiacademyapp.com
milenasilva.com.br
www.moveandfitness.app
musictw.com
myasiawok.de
stage-calculator.orbitcapital.cz
ponuka.palub.sk
passgenerator.org
avantgarde.portfolioview.co.za
atenea.proyectosuperarse.com.ar
rarevoxconsulting.com
warranty.restlon.com
resume4all.com
roomly.ch
ruw-ind.de
crowdfunding.sailforclimateaction.com
qa.selectstar.ai
admin.sgwa.org
www.sideresult.com
fbs-swinfurniture.sitepgatoto.sbs
app.speakableapp.com
test.suitejar.com
scott.swapp.work
tagresume.com
tflatot.fr
www.travel-to-lanka.com
login.travelsation.com
truuts.com
www.unterauer.com
www.valj.net
app.veero.ai
shop.vitanote.jp
www.weworld.fun
www.whichplace.io
auth.worthgrowth.com
v3.wotime.ch
zedbounty.com
Other domains in certificate