Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=askirain.fr
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 05, 2025
Valid Until
March 05, 2026
89 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
FC:23:18:5E:77:76:9A:9D:85:A6:7A:12:04:1C:E6:88:C9:FC:79:2E:45:79:C4:82:58:7E:7C:E7:EC:A2:AE:0E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.pesacrash.com
www.abdimohamud.com
home-management.amaurychalot.dev
www.apostoladodelapreciosisimasangre.com.ar
askirain.fr
asmartech.in
bahamjun.com
www.bernhardtband.co.za
www.bijaypaudel.ca
black-hat-studios.com
admin-e2e.boltboxapp.com
spyfall.bortronx.com
webtest.buleo.es
caerulusvision.com
centralindustrieskandy.com
www.cittyo.com
staff2.onekitty.co.ke
www.convene.co
applinks.convious.com
credit101.net
www.danno.nz
decoright.biz
dose.management
eventbedarf-brune.de
eyraai.com
famomakers.com
www.findgrind.com
dev.fitforce2.com
florian-paris.ch
gaetalk-private.gaejotbab.dev
gcpuniv.com
www.ghosttoolset.com
www.headkanon.com
www.healthpla.net
herbsandfruits.ng
business-t1.huahfood.com
jeromeboateng.com
bkup.jibla.io
atschoolmobiledemo.kbcinc.cloud
www.v1.keeganwoodburn.com
keepcalmkeepsafe.co.uk
letsgotripping.be
ligabrt.com.br
wtlmd-test-app.lims-plus.us
www.litemojo.com
nr.m8u.co
onbee.maedrixgroup.com
www.mindstill.com
edge.auth.mondoo.com
mr2022.com
www.nagayama.dev
nakamata.tech
www.nalu-nani.com
www.nbssound.co.uk
www.neurale.io
www.newdaynew.me
tip-calculator.nguyene.com
nizzykicks.ca
nolanpestano.me
orchestratex.me
otherhalf.events
www.ozahra.com
www.pacificexecutiveservices.com
www.parxeapps.com
www.picmage.io
playrafiki.co.uk
www.pltrackr.com
www.procyongames.com
qls.vn
www.rapid-sender.com
operations.wow.reachnext.com
rexer.com.br
schoolofertugrul.com
www.seb7a.net
shark.com.br
sidegurus.com
www.similesregiogent.be
www.socialcnc.com
soundsscape.com
app.speedzexpresscourier.com
spl-natural.co.za
give.suitefeedback.com
suomenarvomaa.fi
www.tatataxi.in
www.cabs.int.tcat.app
www.tecalis.com
www.theresidencespompanobeach.com
www.thesavitskycats.com
thucphan.com
tinyapps.xyz
www.todo-md.com
tomassmits.com
myhub-staging.tyllpos.com
unserhaus.com.br
evenementen-systeem.vdab.be
preview.business.vezham.com
r.vigor.pl
vmaonlineevents.com
whispli.mobi
www.wolaexchange.com
Other domains in certificate