Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tmfa.com.ng
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 23, 2025
Valid Until
February 21, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5C:24:E3:50:60:A1:37:A9:ED:7D:94:37:F5:39:07:E9:FA:61:83:9D:50:C4:7B:92:C6:B2:46:7D:78:A3:FC:AD
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
slreporting.musicaudience.info
aadvikteklabs.com
abhirama-edition.org
aboutour.love
alasdesangre.com
store-e.app.amplifihq.com
aapta.apxor.com
assn.io
atlasendurhaefing.is
www.gaming.avsemprize.com
www.bitlific.com
admin.busquenos.com
www.cameronblocker.com
admin.casttree.com
www.chungjungduo.com
checkin-dev.jins.cit-pf.info
coderblog.site
otc.coinst.io
tmfa.com.ng
emreperde.com.tr
cybersquare.ca
danielreinartz.de
daodechinggame.com
di-dy.com
www.djionidev.com
www.donttableflip.com
earauraa.in
eeegole.com
eukeladebiotics.in
www.eukeladebiotics.in
evcostcalculators.com
portal.ezbook-online.com
www.fabricius.io
gestion.ficalapps.com
foresightanalytics.tech
painelpindorama.g2canal.com.br
configurator.gameolive.com
www.hafez.de
app.hl.cafe
staging.app.hrmonitor.com
www.ijamcharity.org
www.inifresi.com
www.inovoglobal.org
www.intwildeweg.be
pilseta.jelgava.lv
upaep-predev.klarway.com
www.konteneryeventowe.pl
koutsioulis.gr
lchplays.space
assessme.leolh.com
www.lettucech.com
stagedbackoffice.maapp.com.br
cogami.marcafranca.com
mateotejera.site
app.medstaff.care
melsargent.uk
memid.co.jp
alfredo.mike.fun
www.mindstance.in
www.minidota.watch
shop.mndc.in
moroccopets.org
www.multibrandsjob.com
www.mymah.site
cangubusca.net.br
newaygocircle.net
app.nicolereiher.com
www.onavol.com
www.pdnandassociates.com
www.pescapps.com
www.prepear.app
primestop.in
learn.re-skill.io
webhook.rebalion.com
auth.rebelplans.com
tc.ri4c.com
shawabkeh.net
silverguard.net
smacsa.com
spinneronchain.xyz
stafitness.org
api.g.sunsettrivia.com
tetherchat.io
thunderevent.com
www.tool4events.com
compiler.toolaska.com
towobo.com
platform-pcm-test.trustedaccountant.nl
www.vivahcreations.com
voyages-hybrides.com
bezahle.wanke.jetzt
smartlab-client.waterleau.cloud
dedekurniawan.web.id
app.wisetradr.com
wolfardsolutions.com
work.xtian.design
yogkshemladnun.com
yolotags.com
yourgameworlds.com
jetlaglink.zajno.com
Other domains in certificate