Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=offlinexfactor.com
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 26, 2026
Valid Until
August 24, 2026
72 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B5:65:51:95:5F:76:05:47:8E:FC:B9:BC:C3:30:2F:E0:5E:5E:E4:5E:62:B1:42:98:6F:5F:A9:E4:C5:AC:84:66
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
bbava.es
*.bbava.es
*.1.bbava.es
*.23a0f1cf-a617-4fd4-9ffb-420ad7e34155.bbava.es
*.73fb01ec-2b78-43b8-8b1f-3634d7059c3d.bbava.es
*.80589780-431c-42bb-87f4-e888b799e666.bbava.es
*.a.bbava.es
*.app-bbva.bbava.es
*.app.bbava.es
*.auth.bbava.es
*.backoffice.bbava.es
*.bbav.bbava.es
*.bbavnet.bbava.es
*.bbva.bbava.es
*.bnmjxmy.bbava.es
*.bsiwkoomrwwww1.bbava.es
*.c325dce3-2f47-4775-aac8-0966c6a5e7b5.bbava.es
*.client.bbava.es
*.demo.bbava.es
*.docs.bbava.es
*.e1decf80-d0c3-4c08-b241-697310b99be5.bbava.es
*.empreasas.bbava.es
*.empresas.bbava.es
*.empresasbbavnet.bbava.es
*.es-bbva.bbava.es
*.es.bbava.es
*.external.bbava.es
*.intranet.bbava.es
*.login.bbava.es
*.m.bbava.es
*.mobile.bbava.es
*.my.bbava.es
*.notexistsww1.bbava.es
*.oomrwwww1.bbava.es
*.portalbbua.bbava.es
*.share.bbava.es
*.sharepoint.bbava.es
*.smtp.bbava.es
*.sso.bbava.es
*.ww.bbava.es
*.ww1.bbava.es
*.ww2.bbava.es
*.ww38.bbava.es
*.www.bbava.es
*.www1.bbava.es
*.www2.bbava.es
*.www3.bbava.es
*.www4.bbava.es
*.admin.badge.locker
*.autoconfig.badge.locker
*.backup.badge.locker
badge.locker
*.badge.locker
*.blog.badge.locker
*.chat.badge.locker
*.cms.badge.locker
*.crm.badge.locker
*.dashboard.badge.locker
*.dev.badge.locker
*.edu.badge.locker
*.mail.badge.locker
*.mailer.badge.locker
*.marketing.badge.locker
*.new.badge.locker
*.qa.badge.locker
*.stg.badge.locker
*.uat.badge.locker
*.v1.badge.locker
*.v2.badge.locker
*.web.badge.locker
*.assets.c637.tv
c637.tv
*.c637.tv
*.6s98n.dark1688v4.xyz
dark1688v4.xyz
*.dark1688v4.xyz
fuzedev1.com
*.fuzedev1.com
*.laravel.fuzedev1.com
*.bestfordshipping.newgoldtravels.com
*.invoice.newgoldtravels.com
newgoldtravels.com
*.newgoldtravels.com
*.alpha.offlinexfactor.com
offlinexfactor.com
*.offlinexfactor.com
*.portal.offlinexfactor.com
*.support.offlinexfactor.com
*.wp.offlinexfactor.com
Other domains in certificate