Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=platform.keywordsai.co
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 09, 2025
Valid Until
March 09, 2026
59 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DC:62:6B:D9:61:7E:E7:51:22:65:82:76:71:6D:7C:37:ED:3E:A1:AD:8A:2A:5C:B4:76:47:E6:3F:27:D0:76:A4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
tijdeman.dev
sistema.dev.acertapromotora.com.br
amberandstephen.info
doc-dev.ampup.io
napp.andmark.no
www.anwest.com.au
trackit.appflair.dev
baileyaudio.co.uk
demo.bcode.cloud
tml.bothqandq.com
www.briskine.com
universal.brtmobile.com
calebweldon.com
www.ceci.app
www.clevertravelsolutions.com
udaan.roadcast.co.in
compu21safetytraining.com
congaree.film
stats.cons.sm
cdmedia-bulgaria.contentcard.com
cynanrhodes.com
dev.cypherpunkstudio.com
dharacreative.com
byggdittvisma.direktkonsult.se
www.dothetrek.com
dunehorizontrading.ae
easy-list.app
elisharudenkov.com
enlacestreguz.com.mx
www.erikedit.nl
auth.evfy.sg
evseinsights.com
fcokicktipp.de
felixprinz.de
app.findigo.lt
www.findpet.com.mx
finnsmarthotels.eu
foodxp.app
www.freebiest.de
fztlab.com
deeplinking.gainsightapp.net
radio-dev.gera.fan
discovr.getmade.co
heartofbeautylounge.website
zamon.honigwachs.de
games.icancare.in
ilarepress.com
envoy.impreszions.biz
moveapp.indicold.in
app-voluntario-modules.infogab.com.br
swan-traveller-test3.ingogodev.net
www.jyothish-ram.me
k-burkhardt.dev
platform.keywordsai.co
image-moderation.koode.nl
kovacdaniel.com
python.lectorio.cz
aibs.myeasyfarm.com
liverpool-quiz.mymoons.mx
cnize-fb.nicolas-scheidler.com
www.oliverdavies.me
oraclog.com
pascaldauer.de
personaweb.app
gestion.petitoracle.com
picluna.com
bestellen.pizzeriaresan.de
prototype.poweredbypunk.co.za
docs.propps.com
www.qiy.be
deposit.acc.rallygo.eu
p78.recruiting-solutions.org
www.rgresultatservice.no
customer.rxoconnectdev.rxo.com
sandbournecare.co.uk
sandbox.app.satsy.com
mix-bee.saurabhagat.me
semestamedia.id
sharkzmedia.de
admin.simpleservice.app
www.slickwine.uk
my.smartwrite.app
spacemq.com
raf.sportingfy.com
music.stackdeveloper.in
stidax.com
www.superfunbet.com
www.tenforachange.com
link.tilt.app
www.tinbits.io
cool.unboared.com
ai-interviews.unstop.com
uptothe.cloud
upw.li
supertrader.vambuu.com
www.verauberti.com
myappointments.visity.app
www.volontarimontagna.ch
vrco.site
auth.dev.woopen.com
Other domains in certificate