Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=factosi.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 30, 2025
Valid Until
January 28, 2026
71 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
23:75:84:BC:8C:1C:D8:A3:8B:20:73:1E:A8:03:D4:DF:C4:20:FD:91:18:88:52:34:F9:B5:C7:BC:3A:F4:C9:96
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
em-lab.fr
abrajaldhafna.com
mta-sts.adamyi.com
portfolio.adithyanskumar.life
agromatch.store
www.albairaqmall.com
aoi-kougyou.jp
asicsapp.appshare.com.br
doctor.apxor.com
www.arthaus.cloud
behaviogroup.com
bjmuse.com
bitsprizer.brillsit.com
bugsbegone.mu
carswitch.app
cinepicks-watchlist.com
code-breakfast.com
codetta.app
anshukarki.com.np
dogparent.dogstays.lu
wms.econo.care
www.elocat.com
tandtmaster.etheux.com
click-this.everbloom.app
factosi.com
fankrits.com
festivalsenicetakgrafis.id
www.fischi.app
depot.fromsols.com
www.fullpotential-inc.org
www.fundrazor.club
givingfans.com
godsandtitans.io
gorandomly.com
gpracemap.com
tiktok.greagori.com
grocerybudi.com
brandilynih.halfassedmarketing.com
herbert.family
hootyhoo.life
ictsuhashi.com
www.indemand.app
inova-consultancy.com
theia.inpla.ai
secure.islamsenegal.com
issdavini.com
jellyfishhub.com
hlf.jupiterdocs.com
transport.keepneye.com
korastak.com
kpi4all.com
laburitos.com
test.latourneedesproducteurs.com
lbjwatches.com
www.lbjwatches.com
leniveauconsult.com
leuk.app
skype.limaois.me
vibeduck.lizdahlstrom.dev
logiksphere.com
loyalade.com
majorana-app.com
mattnordberg.com
michaelzchen.com
migs2wheels.com
miskexim.com
mobilsigortayeri.com
nexostaking.com
nycref.com
auth.paraworker.com
payhasly.com
www.pluvial.dev
prettyfort.com
psxfolio.com
qnext-testing.website
therapist.qual.ai
robynvshoxboy.com
www.sanrachnadesign.in
date-night.sethdavidkay.com
www.shefinances.in
shivohamcraft.com
speech-dive.com
steelaxisltd.com
swlacy.com
www.tarnio.com
payticket.tathkarah.com
docs.techilatechnologies.com
tammy-fsktm.techventura.dev
www.theadamspages.com
themetastack.com
upenncatalyst.turbosbir.com
tyreditorial.com
wangquan.me
www.wearebasetwo.com
www.wede.cl
witio.io
xque.ca
www.yigitcolor.com
www.zentech.app
app.zeusdesk.net
Other domains in certificate