Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=kairos.omnicon.co
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 25, 2025
Valid Until
March 25, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
3A:17:F1:A6:12:E0:03:E9:14:91:2D:40:7B:3E:A8:1D:FC:EA:D8:E4:28:62:59:95:DF:19:21:12:CB:C0:A3:6E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
skillnavi.voiceapp-lab.com
tandcsports-org.clients.abccopy.co
aepno.ru
agavecatering.org
dashboard.airgara.ge
ajarnjobs.com
alitqan.ai
admin.allgoodus.net
www.antoreek.com
www.aviationbiz.me
beecharitable.com
benedicttwl.com
www.bogdanmateiuc.ro
cassiobink.com
chun-wei.com
coderower.com
glixar.com.ua
uta.admin.convercus.io
ngo.costalab.net
pilot.invite.credotech.app
www.criticalshiftgames.com
www.cryptolands.io
auth.icwgroup.cyberhaven.io
danielblau.dev
dbln.ro
www.dechial.com
fruit.denict.com
carnaval.descubretrinidad.com
task-management.digitalsymphony.org
enigmasoftworks.co
esmia.se
elearning.facforpro.com
faircrash.com
www.firstmarketplace.org
www.fontanazza.it
simply.fundman.ai
g91futureunicorn.com
www.gamevista.de
goli.st
guiders.pt
www.hakanbogan.com
hassankadiri.com
admin.hotelesmaioris.com
coopertransrotas.ideiadtc.com
billing-dev.cloud.ikala.tv
electra.infocentre.app
vie-stage.ischoolconnect.com
jorgedelcastillo.com
keybridge.tech
share.litely.life
mc.liveforest.kr
app.test.liven.com.au
lotr.games
lyfers.net
app.messagefromsanta.com
mortgageexpensecalculator.com
www.movitsport.com
normalized.systems
omeryusufelmali.com
kairos.omnicon.co
link.palmerbet.online
fluid.platformbuilders.io
faceavas.playful.ist
directory.ppisonline.com
ppyproducts.com
provion.net
ichinomiya.pubrepo.jp
www.queue-r.app
realoriente.com
www.sagos.info
sbondabadance.co.za
www.serendibgemlab.com
signature.stonebasyx.com
auth.studybud.app
extension.super-smm.com
supergenia.app
graduacionnuryrosa.swanmoments.net
www.t1dox.com
takotl.mx
candidate.talevation.com
get.talkie.net
tuw2020.timeuse.barcelona
tinymammoth.xyz
vision.tornetec.com
www.trailruns.at
www.tripconnxdev.com
dgfitness.turnosweb.app
elportalworkoutcenter.turnosweb.app
jager.turnosweb.app
portion-control.turskyi.com
www.vincentchiu.com
www.virtualpreston.co.uk
emfundo.vuketech.co.za
b.w3.app
www.wealthnationsavings.com
admin-labs.yodo.ch
www.yukseltolun.com
www.zach-alexander.com
datengarage.zcircle.at
unlock.zonic.me
Other domains in certificate