Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tsodilo.co.bw
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 16, 2025
Valid Until
March 16, 2026
80 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BA:62:C3:40:40:92:28:2E:BA:8E:B9:E7:0F:53:D7:59:D6:D6:5C:33:E2:8C:17:05:31:53:57:DC:EE:93:09:49
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
chillionnaire.com
reversi.28go.jp
agbstech.com
agileo.pl
aiwisdomtechnologies.com
account.alhuqebi.com
www.ambargupta.com
anjawollan.com
aptoiox.com
www.asioidenhoitaja.com
assuncaodelivery.site
snake.avinashv.dev
magic-test.awesomepiece.com
bobot.chat
www.cadencepm.net
capelaniamilitarcristorei.com.br
app-jump.carecloud.io
cetinkaya.me
tsodilo.co.bw
apps.pdamkotasmg.co.id
kabirdeula.com.np
www.competitiveinsight.io
scpa.controltag.it
m.creditea.ee
danielgwilcox.com
danienschilling.dk
cortex.hprd.synapsecloud.dataauchan.fr
auth.staging.backbone.datenkraft.info
api.decoda.com.au
portal.decotechs.xyz
partner.dietosure.com
ductulator.com
enorus.co.uk
escuelagranada.com
joaovilares.eu.org
getwean.app
gigenta.com
www.graph.run
www.greentask.ai
ondernemers.groenebon.nl
guritwines.it
headbodyscript.nl
admin.hydro.tv
www.idoki.co.uk
www.inverze89.cz
www.julian.yoga
kpop.fashion
reports.lankagemlab.com
www.loff.no
btree.lucask.dev
safeharvest.magecorp.in
malcaseek.com.br
mvp-nexus.com
gruppobbp.nempos.delivery
nnn.care
nym-solutions.cl
rh.ommbe.com
www.onecall.one
bright.org.nz
www.pagosmocorito.com.mx
parkr.no
paymali.co.za
www.paymali.co.za
www.peasapp.com
www.pentagonteam.es
popout.nyc
pung.me
fcpo.qloud.capital
rdthompsoncontracting.ca
sbssign.removis.jp
www.sauviapps.in
www.sexvers.com
siref.mx
www.smartrepair.app
www.smartsoftgalanis.com
www.soluweb.com.ar
sstuden.me
www.stephanieraymos.com
www.strikisadvogados.com.br
adm.stsa.swiss
hosting.sxi-sierra.com
synapse-swap.com
markdownnote.sys1yagi.com
app.taxpad.in
thegreatergood.gg
www.therapyinnovationinc.com
titanpartners.us
todovent.com.ar
text.trueway.com
shortsanb.tswebserver.it
tylerbenson.me
www.vasuchetty.com
about.vic.dev
texttocalendar.vishnuvardhanbr.com
lite.vodium.com
wannabet.ca
www.warways.in
wellbeingpassport.com.au
www.wellbeingpassport.com.au
whateverworks.studio
Other domains in certificate