sephora.com:443

Checked 5/15/2026, 12:01:54 AM · 193ms

Solid configuration. TLS 1.3, valid cert.

Certificate

192d until expiry

Subject: CN=*.sephora.com, O=Sephora USA, Inc., L=San Francisco, ST=California, C=US
Issuer: CN=GeoTrust TLS RSA CA G1, O=DigiCert Inc, OU=www.digicert.com, C=US
Valid from: Nov 24, 2025
Valid until: Nov 23, 2026
Self-signed: No
Hostname match: Yes
Trusted chain: Yes
Serial: 0EB56C7806BC04B12FC8A87FBFCDEFDB

Subject Alternative Names (2)

*.sephora.com
sephora.com

Certificate chain (3)

Leafexpires Nov 23, 2026
CN=*.sephora.com, O=Sephora USA, Inc., L=San Francisco, ST=California, C=US
issued by CN=GeoTrust TLS RSA CA G1, O=DigiCert Inc, OU=www.digicert.com, C=US
Intermediateexpires Nov 2, 2027
CN=GeoTrust TLS RSA CA G1, O=DigiCert Inc, OU=www.digicert.com, C=US
issued by CN=DigiCert Global Root G2, O=DigiCert Inc, OU=www.digicert.com, C=US
Rootexpires Jan 15, 2038
CN=DigiCert Global Root G2, O=DigiCert Inc, OU=www.digicert.com, C=US
issued by CN=DigiCert Global Root G2, O=DigiCert Inc, OU=www.digicert.com, C=US

Protocol support

Negotiated: TLSv1.3 · TLS_AES_256_GCM_SHA384 (TLSv1.3)

TLSv1
Not supported
not supported
TLSv1.1
Not supported
not supported
TLSv1.2
Supported
TLSv1.3
Supported

HSTS

Max-age: 1.0 years (31536000s)
includeSubDomains: No
preload: No
Raw header: max-age=31536000

AI-assisted remediation

Want a tailored fix plan in plain English?

Wiredepth Pro sends this report to our AI engine and streams back a 30-day rollout plan tailored to sephora.com, with provider-specific tips when we can infer them from the data. 10 playbooks per month on Pro, 100 on MSP.

ProSee Pro plans→

Check another domain

Or share this URL with whoever owns the cert.