Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=cms.kekomo.es
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
40 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4E:73:32:3F:D7:BB:3D:B5:A6:23:6F:B2:25:1D:EC:2A:3C:F0:F6:AE:65:25:B6:5B:C1:99:D1:E4:36:C8:AD:2E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
learning-platform-dev.cloudpssolutions.com
11521736.peerly.app
99ideas.es
www.abrholdings.us
lms.undiknas.ac.id
app.advancedonlineinsights.com
chrono.agamworks.com
dajaj.aljaf.uk
staging.allthemidi.com
uretim.alsancakuniforma.com
grievance.anjaconline.org
www.anzellotti.dev
arraymaker.com
video.birwadi.com
www.blackhill.co
www.blockhealth.co
share.bokie.com
www.boucherpl.com
pray.broox.us
businessriver.businessenergyawards.ie
cegisac.com
www.chronoft.com
console.eliteacademy.co.in
opentechbox.co.th
codingexpress.ca
ps-internal.codingninjas.com
www.com3it.com
craigwoollard.com
www.cravedin.com
www.crdls.com
uat.share.credotech.app
crosscorners.cloud
cryptoassetsystems.com
curaceec.com
cyhermes.com
darkhorsegrillandcatering.com
digital-oxygen.co.za
dkyoyoung.com
dox.cl
invite.drorapp.com
dynki.com
task.enoram.app
www.ericawitcher.com
qa.farmanager.com.ar
pass.fortunescope.app
www.friedmanpe.com
galiandleo.com
www.gbws.net
gifttable.co
dev.admin.golfcaddiespro.com
greenlightbalance.com
justrei22.id.vn
ijatsr.org
assemblee.monjuridique.infogreffe.fr
infospacesolutions.com
advisor-kpl-stage-8.ischoolconnect.com
cms.kekomo.es
pkf.kudosone.com
console.business.kurasub.com
www.leszczynski.me
logik41.com.br
www.lucillegames.com
www.lunalitesoftware.com
morninglory.agency
app.mymatey.com
ordering.myntapp.io
share.nuitapp.com
oma-conciergerie.corsica
www.oneshoeco.com
onfoco.com
www.online-tutor.co.uk
oratio.ba
paintbar.app
www.paulinedevine.co.uk
www.pedro.no
go.quranmajeed.net
rameal-nabeeh.com
reachfashionstudio.com
readerschatter.com
www.samuelru.com
www.schessa.com
www.seasidemedia1.com
dev.spelezoli.lv
spiritualswordmissions.com
startups.video
gamescounter.strannizza.eu
wingyip.studiossolution.com
calendar.stuten.dev
swordfishwp.com
instance3.tallyfor.com
www.teamvidiyal.org
www.torahreaders.com
link.tsylana.com
unit.lease
weareism.org
account-auth.weversedev.io
xdemo.store
www.xtlog.com
zabiha.ca
zingeo.club
Other domains in certificate