Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=trading.altxafrica.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 25, 2025
Valid Until
January 24, 2026
63 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
03:EB:A9:D5:5E:68:BB:AD:46:AB:05:D7:12:B5:5A:45:33:E6:DB:29:25:F6:DA:C8:A9:0A:59:B7:C9:5E:44:7D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
myreality.ca
69thegrove.com
abm-digital.de
www.rkdesaicollege.ac.in
metaverse.bu.ac.th
akopianlegal.com
www.akutmed-socialmedia.de
trading.altxafrica.com
beanboys.co.uk
bodhinath.com
pedidos.bracelit.es
www.brfpriser.se
www.cameroncipriano.dev
cardsplus.org
celestcap.com
cheriecarbines.nz
www.chessvision.ai
www.chipstudio.net
client16.citadel.tools
classility.com
www.breakthroughchapel.co.ke
www.compassofhope.org
www.coolneighbours.com
crossworddaily.app
csuszkasarky.com
currencyexchange.work
moo.dmason.dev
www.drakecall.com
portal.ecosoapbank.org
tiktunes.espireads.com
ferismarketing.com
km.fkuii.id
www.fyno.com
gemssy.com
main-api.getanimo.io
giftcake.app
www.gleasondevelopment.com
golfpass.app
auth.stage.gridbox.io
hubertsikorski.com
hypervision.com
panels.importth.is
infotambo.com.ar
intellaigents.com
medicoseguro.inter.mx
digital-hipay.invisionpixels.net
jaydenvu.com
www.jenova.ie
joshmoline.com
jpchatain.com
jubaservices.com
www.kampoy.com
www.kartiny-i-ikony.org
paymentsgateway.kxcloud.net
www.lidderimobiliaria.com.br
lighthouse-app.com
www.liveprogramnotes.com
liveryhub.com
mat-angel.com
www.mathorize.com
www.mattbeecham.com
ope.meets-atsuma.com
staging-galaxy.mosaicapp.com
takumi.nara.jp
application.nn.ro
cdn.nofanity.com
www.open24seven.co.uk
orodolfo.online
otonari.love
papalog.net
penguincity.com
portal.poola.app
protung.ro
pulsifyme.com
vendor-dev1.qlub.cloud
vendor-dev2.qlub.cloud
www.qualissolutio.com
quantum-group.jp
www.qubit-dna.com
tourlogistics.ratality.com
dmsperf.corp-internal.rxo.com
admin.samyata.com
app.sanidae.com
www.scottlininger.com
silver.preview.shortwave-staging.com
www.spellblaze.com
startcoservices.com.au
www.studytok.com
www.sunnypctw.com
ariyalur.supercabs.in
dindigul.supercabs.in
tapmartindia.com
www.theobarraud.ch
www.travelopy.com
www.vigiz.app
www.vizzy.io
willykscompany.fr
www.yog.dev
www.zenreki.cash
zwfolio.com
Other domains in certificate