Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=learn.toggleafrica.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 04, 2025
Valid Until
January 02, 2026
36 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D4:61:B9:1A:1E:D9:2B:C0:2E:87:6F:70:54:A3:85:14:9F:34:2E:BB:CE:BC:4C:7D:D4:89:87:CD:00:90:A2:61
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
matomage-freedom.co.jp
404founders.com
on.4happ.ca
vipmed.aclsysteme.ca
adzin.site
alashdigital.com
www.atsanchez.es
construction.bluevalley.in
www.cardanistas.io
casalgrande.cz
chengchiu.com
www.coachxuxa.com.br
codebridge.my
link.zalora.com.hk
ul.autopro.com.vn
compliancechimp.com
creonaut.com
www.crescenttraders.in
doingbusiness2-0.datosmeg.com
deathduty.org
diddo.education
www.digibars.id
scope.discoverani.com
dl-costruzioni.net
files.dxgmail.com
www.earth2marsh.com
elrondpunks.com
emojiwidget.com
encodersit.in
quality.endrainc.com
ennorestandardsand.in
splash.ezcast.com
www.fadav.com.br
www.felixbagur.com
www.filesfit.com
www.firestoneandparson.com
fitself.me
fobego.com.pe
foodsolutionsth.com
fotsoandco.com
www.freefollows.top
fyneai.com
gem4d-demo.com
glowmax.app
gtech.wiki
www.hannibalnow.co.za
www.hen3rz.com
hepatil.com
heyyoudidit.com
company-dev.hotwax.io
www.indielog.com
invr.work
learn.itsltd.online
trafinfo.jbr.dk
justosiris.com
ksintermediacoes.com.br
listful.co
lybinuae.com
blockcommunications.madhive.com
mvtecidos.com.br
nxd.naxosdigitals.com
nemtac.co.uk
inv-s.beta.thsystems.net.in
www.onkeypress.co
ex.othellonia.com
otomate.co
link-dev.overplay.com
auth.override.com.mx
pearpartner.com
www.pelitateknologi.com
www.programination.com
pugovka.by
radixlogicalmoon.com
radstec.com
restavracija-mak.si
selfservice.resuelve.io
moncompte.riadcity.com
api.roadway.roadbotics.com
www.sakura.company
www.sanierung-hh.de
lambertseter.snapmentor.no
speakingathome.cz
prenotazioni.studioclaar.it
www.stupidnotes.com
bodaguerrerolopez.swanmoments.lat
testspell.com
thedubroomstudio.com
thenewsomenuptials.co.uk
www.thereception.co
learn.toggleafrica.com
support-stage.tractivity.se
www.beta.app.traindoo.io
www.unclejavascript.com
www.uvstudio.co
vibrart.proyectos.vlivemedia.com
www.waldbiber-pfettrach.de
wearedirty.com.au
next.weloka.de
contractor.eu.wowworks.org
xclusive.io
Other domains in certificate