Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=togo2.woodoo.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
February 02, 2026
Valid Until
May 03, 2026
83 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
35:9C:67:84:88:83:56:97:61:D5:B7:EC:62:2C:F3:AD:34:70:79:7E:59:91:31:19:15:E6:42:6A:44:7E:81:1B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.dottedtext.com
arc-pricing-prod.5inline.io
expense.abuk.in
www.anoukdouma.nl
app.projete.app.br
sion.energia.app.br
oceanografic.arvision.es
www.atol.vc
www.bmeguard.com
app.box2box.it
www.casavacanzanormanni.it
celly.site
retirement.projects.cfarr.dev
play.cluehub.io
cpblgame.tw
denysgrossi.com.br
videos.digimevo.com
academy.dolomiten-tennis.it
epass.easywaybill.in
mirtes.edsoncamargo.dev
emertech.nz
admins.enhearten.io
estebanlocutor.com
expandedexistence.io
database.ezhub.app
destia.fieldsight.io
studio.furnity.se
bios.g2canal.com.br
itajobi.g2canal.com.br
gigabytetech.us
www.gopherchina.dev
hodipiu.it
www.houseofkayperfumery.co.uk
beta.hr-me.co
imbianchino-perugia.it
immobilien-investment-rechner.de
ihor-sophia.invito.link
jasonharthun.net
www.johnemulators.com
www.kibundiary.com
www.kinagrill-horsens.dk
lafunkycup.de
www.linguajam.org
action.linkfive.io
banklipadev.lipalater.com
www.litany.dev
lososos.xyz
mgm.lychee.pro
scadenziario.marcorosetti.it
www.massagr.com.au
api.masshealth.me
meier.uk
www.navdrisha.com
nunar.es
hyttedesigner.nyg.dev
sign.oakslab.com
app-grupo5.overview.one
blog.owlandscroll.com
paie.xyz
koda.pawsome.com.au
phamminhdao.com
www.pixul.nl
dev.popcharts.io
puttipong.me
www.pyneapp.com
cir.queliga.com
publisher-static.rapidbooksapp.com
ref.rewardy.io
sagekloud.com
schmidt-allgaeu.de
www.shannoncroyle.com
linksnap.sharankarthikeyan.com
www.showersolutionsutah.com
www.shrinarayanidiagnostics.com
simple-vision.app
simplynomad.co
www.studentlife101.com
takemesomewherenice.com
testable95.site
cfa.the-gathering.earth
www.thecodeyard.com
pricing.thegotiger.com
theinfiniteactuarystatus.com
admin-dev.themint.jp
transitnowapp.com
www.triggerpoint.org
www.tripletise.com
www.tylercartwright.com
www.u-raid.com
videollamadas.uvi24.com
vanegas.pro
www.villamarryincek.com
vintagehightech.co.uk
weecommcentre.ph
www.weplaygames.fun
www.wibce.eu
www.wijin.academy
togo2.woodoo.io
yolobyte.com
links4.yuyoapp.com
Other domains in certificate