Skip to main content

Is tlds.africa a Scam? Security Check Results - Whois protection, this company does not own this domain name s.r.o. Reviews

W

Is tlds.africa Safe? Security Analysis for Whois protection, this company does not own this domain name s.r.o.

https://tlds.africa

Check if tlds.africa is a scam or legitimate. Free security scan and reviews.

TechnologyCzech Republicsmall
jQuery 2.2.4Bootstrap 4Popper.jsFontAwesomeSelect2+1 more
Analyzed 8/1/2025Completed 12:59:04 AM
58
Security Score
MEDIUM RISK

AI Summary

The website tlds.africa operates as a domain registration service specializing in African country code top-level domains (ccTLDs) and a broad range of other domain extensions. It targets individuals and businesses seeking to establish an African online identity through domain registrations. The business is relatively small, founded in 2017, and operates under a privacy-protected WHOIS registration with a Czech Republic-based privacy service. The website provides domain search functionality, pricing information, and account management features, positioning itself as a niche regional registrar with a focus on African domains. Technically, the website employs a standard modern web stack including jQuery, Bootstrap, Popper.js, and FontAwesome, ensuring a responsive and user-friendly interface. The site is moderately optimized for performance and mobile use, with basic SEO and accessibility features. Hosting and DNS services are linked to the registrar Gransy s.r.o., a reputable provider. However, the site lacks advanced security features such as DNSSEC and security headers, which could enhance its security posture. From a security perspective, the site uses HTTPS but does not implement DNSSEC or security headers, which are recommended best practices for domain registrars. No privacy or cookie policies are present, indicating compliance gaps with GDPR and other privacy regulations. Contact information is clearly provided, but no dedicated incident response or vulnerability disclosure mechanisms are found. The site includes minimal tracking via a pixel but no extensive analytics or advertising networks. Overall, the website is functional and professional with moderate trustworthiness. The lack of privacy and cookie policies and limited security features present areas for improvement. Strategic recommendations include implementing DNSSEC, adding security headers, publishing privacy and cookie policies, and establishing incident response contacts to enhance compliance and security posture.

Detected Technologies

jQuery 2.2.4Bootstrap 4Popper.jsFontAwesomeSelect2Owl Carousel

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

tlds.africa operates in the domain registration sector with a focus on African ccTLDs, serving a niche market of customers interested in African online identities. The business model is based on domain sales and registrations, with pricing clearly displayed. The company leverages partnerships with registrars and payment gateways but does not publicly disclose extensive partnerships or subsidiaries. The target customers include individuals, businesses, and organizations seeking African domain names. The company maintains a small operational size with a website founded in 2017. Competitive advantages include specialization in African domains and a broad offering of TLDs. Growth indicators are limited from the data but the presence of a new website launch news item suggests ongoing development. The company’s operations are supported by a Czech-based privacy protection service, which is common in the domain registration industry.

Extracted Contact Information

Marketing Intelligence Data

Email Addresses (1)

i*****@tlds.africa

Phone Numbers (1)

+4207344*****

Security Posture Analysis

Comprehensive Security Assessment

The security maturity of tlds.africa is moderate. The site uses HTTPS, which is mandatory, but lacks DNSSEC, which is a significant security enhancement for domain registrars. No security headers such as Content-Security-Policy or X-Frame-Options are detected, which could expose the site to certain web-based attacks. There is no evidence of exposed sensitive data or vulnerable libraries, but the absence of privacy and cookie policies indicates compliance gaps. Incident response readiness is not demonstrated, with no security or abuse contact emails found. The minimal tracking pixel usage suggests limited user tracking, which is positive for privacy. Overall, the site would benefit from implementing recommended security headers, enabling DNSSEC, and publishing clear privacy and security policies to improve its security posture and compliance.

Strategic Recommendations

Priority Actions for Security Improvement

1

Enable DNSSEC on the domain to enhance DNS security and prevent spoofing.

Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Business Insights

Company:

Whois protection, this company does not own this domain name s.r.o.

Description:

African ccTLDs

Key Services:
Domain RegistrationsDomain SearchDomain Pricing Information
Content Quality:

good

Branding:

moderate

Technical Stack

Technologies:
jQuery 2.2.4Bootstrap 4Popper.jsFontAwesomeSelect2Owl Carousel
Frameworks:
Bootstrap
Performance:

moderate

Mobile:

good

Accessibility:

basic

SEO:

basic

Security Assessment

Security Score:
55/100
Best Practices:
  • HTTPS enabled (implied by URL https://tlds.africa/)
  • No DNSSEC enabled

Analytics & Tracking

Tracking Level:minimal
Privacy Compliance:poor

Advertising & Marketing

Tracking Pixels:
mypixel.info
Transparency Level:basic

Website Quality Assessment

Design Quality:good
User Experience:good
Content Relevance:good
Navigation Clarity:good
Professionalism:good
Trustworthiness:moderate

Key Observations

1

Website provides domain registration services focused on African ccTLDs and other TLDs

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

35/100
Score

Missing Strict-Transport-Security header

HIGH

Forces HTTPS connections

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

Missing Content-Security-Policy header

HIGH

Controls resources the browser is allowed to load

Missing X-XSS-Protection header

MEDIUM

Legacy XSS protection (deprecated but still recommended)

Missing Referrer-Policy header

LOW

Controls referrer information sent with requests

Missing Permissions-Policy header

MEDIUM

Controls browser features and APIs

👤GDPR Compliance

Privacy and data protection assessment under GDPR regulations.

GDPR Compliance

Privacy and data protection assessment

35/100
Score

No Privacy Policy found

HIGH

GDPR requires a clear and accessible privacy policy

No Cookie Policy found

HIGH

GDPR requires clear information about cookie usage

No Cookie Consent Banner found

HIGH

GDPR requires explicit consent for non-essential cookies

Third-party services without privacy policy

HIGH

Detected services: Google APIs

GDPR Compliance Analysis

Privacy Policy0% confidence
Cookie Policy0% confidence
Contact Information Found90% confidence
emailphone

🛡️NIS2 Compliance

Network & Information Security Directive compliance assessment.

NIS2 Compliance

Network & Information Security Directive

2/100
Score

No information security framework found

HIGH

NIS2 requires documented cybersecurity and information security measures

No vulnerability disclosure policy

MEDIUM

NIS2 encourages coordinated vulnerability disclosure

No security policy documentation found

HIGH

NIS2 requires documented cybersecurity governance and risk management

No incident response procedures found

HIGH

NIS2 requires documented incident response and business continuity plans

No business continuity planning found

MEDIUM

NIS2 emphasizes operational resilience and business continuity

No security contact information

HIGH

NIS2 requires clear incident reporting channels

No vulnerability reporting mechanism

MEDIUM

Clear vulnerability reporting supports coordinated disclosure

No NIS2 reference found

LOW

Consider explicitly mentioning NIS2 compliance efforts

Critical sector without clear security compliance

HIGH

Detected sectors: energy, transport, banking, health, digital

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

80/100
Score

No DMARC record found

HIGH

DMARC provides email authentication and reporting

SPF
Sender Policy Framework
DKIM
DomainKeys Identified Mail
DMARC
Domain-based Message Authentication
MX Records
Mail Exchange Records
BIMI
Brand Indicators
MTA-STS
Mail Transfer Agent Security
TLS-RPT
TLS Reporting
DNSSEC
DNS Security
SPF Details
Record:
v=spf1 a mx include:gransy.com
DNS Lookups:3/10
DKIM Selectors Found
Selector:mail(1296-bit rsa)
DMARC Details
Policy:none
MTA-STS Details

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

72/100
Score

Weak Protocols Supported

HIGH

Server supports weak protocols: TLSv1.1

OCSP Stapling Not Enabled

LOW

OCSP stapling improves performance and privacy

Certificate Transparency Not Implemented

LOW

Certificate is not logged in Certificate Transparency logs

SSL Certificate Expires Within 90 Days

MEDIUM

SSL certificate expires in 43 days

Partial SSL/TLS Assessment

LOW

Completed 3 of 4 security checks due to time constraints

Protocol Support

TLSv1.3TLSv1.2TLSv1.1

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

70/100
Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Transfer Lock Not Enabled

MEDIUM

Domain can be transferred without authorization

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age
8 years(mature)
Expiry Risk
none(347 days)
Protection Level
noneDNSSEC OFF
Suspicious Indicators Detected
  • No domain protection locks enabled

DNS Records

A Records:185.82.212.193
Name Servers:
ns.gransy.com
ns2.gransy.com
ns3.gransy.com
ns4.gransy.com
ns5.gransy.com
MX Records:
10: mail.tlds.africa
SOA:Serial: 2753307372, TTL: 1800s

DNSSEC Status

DNSSEC Not Enabled

DNS Performance

Resolution Time:99ms

SPF Analysis

SPF Record:
v=spf1 a mx include:gransy.com

Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100
Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The website uses a conventional and widely supported technology stack including jQuery 2.2.4, Bootstrap 4, Popper.js, FontAwesome, Select2, and Owl Carousel. This stack supports responsive design and interactive UI elements. The site is hosted with DNS servers managed by the registrar Gransy s.r.o., indicating a stable hosting environment. Performance is moderate with no explicit indicators of slow loading or errors. SEO is basic with meta tags present but no advanced structured data or Open Graph tags detected. Accessibility is basic, with no explicit ARIA roles or accessibility features noted. The site lacks a CMS indication, suggesting a custom or static site build. Technical modernization opportunities include upgrading jQuery to a more recent version and enhancing SEO and accessibility features.
Analyze Another Website