Open
Cached
·
just now
83/100
SECURITY SCORE
Certificate Information
Subject
CN=sdk.formtoro.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 16, 2025
Valid Until
March 16, 2026
41 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5A:71:FD:BD:A0:79:AC:26:E0:5A:B0:1C:27:E3:1C:C7:D9:C5:86:B2:77:31:16:CD:A7:6B:3F:F3:26:FB:82:A7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
typus.finance
abumpus.dev
aestheticsbyabha.co.uk
agleads.fr
alyusrinstitute.net
doc.ampup.io
dev-360.audion.fm
apdealershare.autoplac.pl
www.bendeguzkerteszet.hu
bhoimitra.in
traversy.bjarnimax.com
digitaltest-token.bna.com.ar
bobbiny.co.uk
zencard.boldfinance.in
breakfarm.us
art.burnham.tech
www.m.cbh.care
msilpaintdata.clearquote.io
agende.clinicaneocor.com.br
namohospital.co.ke
app.nadio.co.kr
www.srsi.co.th
takvimci.com.tr
www.iletus.com.tr
pixelkraft.commulino.de
harano.eng.br
enislim.co.uk
organizer.eventrill.com
excode.co.uk
www.fb-trenchless.com
pinoy-henyo.fedmich.com
www.fllsettlementblackrockt.com
sdk.formtoro.com
www.fortunefairy.kr
glassandbio.fr
www.howtofly.be
app.hudsonkutsuten.com
cal.inits.io
cv.iotek.in
www.jamesnorton.design
jasminehousemelton.co.uk
subadmin.journz.in
kfzbook.eu
kishaztanoda.hu
stockship.ko-tech.in
www.kolga.io
www.laladiam.com
www.leafnywebpack.com
www.stagingbizpanel.lmserp.com
app.mangozpevnik.cz
www.mappazzo.com
production.application.closter.mathematikoi.agency
meevent.fr
motorfiets.jp
womentique.mrindrs.site
www.nachogoca.com
nfrost.dev
nrjobs.co.uk
www.outloudwithrosy.com
www.panopliadelibros.com
platypus.land
playroom.live
auth-firebase.polonetwork.tv
minigpu.practicalxr.com
www.promotionalsrb.com
www.pulser.co
portfolio.purplediary.kr
qad.de
reidmachinerysales.com
www.rgbx.io
rsj-corporation.com
app.satelite.dev
scipiosoftware.com
www.scottfridaydesigns.com
www.sds-qr.com
www.servitallermanacor.com
www.dev.shuttlers.ng
snailjet.com
siamdiscovery-sneakers-killer.spacears.com
sriniux.com
launchhouse.strollhere.com
www.succie.dev
svarnaliving.com
app.taginet.com
talktosiya.com
pepperoni.tallyfor.com
tanush.dev
abokado.thediners.in
www.thesivulichs.com
www.toprungsolutions.com
gift-registry.twf.co.nz
unishoper.com
ucadmin.universalcuisines.com
app.uverify.io
www.voiedev.com
app.vumatix.com
wordunsilenced.com
comprenautica.gestor.xrauto.com.br
easmith.zenderatms.com
staging.humeur-du-mois.zenika.com
Other domains in certificate