Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.codefacto.co.uk
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
January 10, 2026
Valid Until
April 10, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
CF:5A:0C:32:C3:24:46:AE:F9:9E:C6:1D:B1:FA:09:89:68:AA:05:07:5C:29:33:64:14:52:95:CA:CE:C0:CF:6D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ariseengineering.co
altai-partners.com
gos.amanotes.com
lp-paty.anatridico.com.br
admin.aonego.in
www.admin.aonego.in
arrevoice.co
artdsound.com
app.artistajobs.com
artveoli.com
assure.travel
atgamestudio.com
aura-dating-app.com
best-oripa-shop.com
www.cloudhealth.co.za
www.magicane.co.il
crypture.co.kr
www.lsseng.co.kr
app.codecraftguidelines.dev
www.codefacto.co.uk
www.depositoaquitem.com.br
www.dokov.bg
www.doverstav.se
egalnexus.com
emojinate.club
evolution-worldwide.com
www.fancyu.kr
beta-dev.fluics.com
hk.fotobots.com
groundedcoffee.company
www.hot5healthymeals.org
it2000dinhquoctuan16385.id.vn
lehonghai.id.vn
soictndhl06.id.vn
infographs.ai
link.ivygrowth.tech
kalyanam.dk
my.kinderville.pro
kingofludo.com
lyro.live
deeplinks.mafin.ru
toughcoach.magency.co
auth.make.io
www.marcipetfood.hu
www.metroartshermanoaks.com
metrome.in
www.mindcore.gr
portal-staging.nebula.org
lightidea.nextcoders.pro
nightowlguide.com
lltools.novarum.app
obrasavelino.com.br
onesmile.app
www.oorclan.co.uk
assessment.openintervue.com
otsokumeak.es
pable.shop
www.padmap.org
www.kenji.pedidodomicilio.es
photizo.io
piabixtechnology.com
www.pinballspace.com.br
dev.planmo.com
pmlegal.cl
app.pregunticas.com
portal.pythagorasmusicfund.com
rather.vote
sparkit.rccsonline.com
rcloud.co.nz
studio-staging.rebalance-center.com
amazonreviewscraper.sanjaygangwar.dev
www.santaroza.hu
www.schunk-remotesupport.com
smartminer.io
sourcebase.ca
www.stb-cleaning.com
reviews.stilla.dk
acme-pis.swarajdev.online
cms.texasenvironment.org
gopayments.thinkdigital.co.za
x.titans.town
www.tmsonewaycabs.com
okra-admin.tomup.co.jp
auth.topbuys.in
www.transactions.app
trefoten.no
tripseoulution.com
www.tunjanginfra.com
www.valeplus.biz
portal.vanathycrackers.com
viktorstojanov.com
app.vivetmarket.com
walkingcows.com
www.wayfinding.co.nz
webbricks.io
www.wpiathletic-clinics.com
wrsreksa.com
xiclos.com
test.zeffi.dev
zipplog.com
Other domains in certificate