Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.kronym.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 10, 2025
Valid Until
March 10, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4F:D8:35:83:48:F7:16:FE:F7:7A:24:7A:E4:35:0F:5C:C1:A3:92:E6:ED:A6:34:03:1E:17:DB:B0:0E:53:DA:91
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
wecyberit.com
blog.1f8.dev
www.2pennies.net
app.360medconsulting.com
agnesemarcelo.com.br
blog-stage.airesdigital.com.br
ambicionate.com
static.staging.ampify.io
arthurvimond.fr
ateno.systems
auranik.com
www.barchat.me
mukoapp.bm-solutions.pl
www.casa-design.pt
www.casefamilypracticeandsportsmedicine.com
cloudvila.com
www.consultadvizo.com
stage.courtclic.com
www.csfactorynw.com
www.cydneykrone.com
auth.kolumbus.preprod.da-service.io
www.dalpontgroup.com
www.dantambeauty.com
definaut.xyz
devutil.space
cdn.distob.com
docs.docenroute.com
console.dock.promo
docturion.com
uat.mis.c21school.edu.kh
eirequere.com
eventideon.com
admin.expoforum.com.mx
floatr.net
documentation.floriangrasser.com
frontiersggtrading.com
gtms.fsv-aptor.com
glajnews.com
sponsor.greentransformationawards.ie
habbits.com
hilobit.com
dev.crab.iot.in.th
api.innobelge.be
www.jasonsuttles.dev
jayaanthitraders.com
www.jinroumura.com
admin.khalsa.network
knowmyhabits.com
www.kronym.io
labelaana.com
mindfulnesschime.langhoangal.dev
blog.laundrapp.com
app.leximapping.cz
lgreencapital.com
linguajam.org
www.smart301.linistitul.ro
book-one-test.ludocollective.com
dev.lunarcow.com
machhealth.co.uk
maggierosesourdoughs.com
www.mcmtechnology.co.uk
mercaneducation.com
miguelrada.com
fdata.minecuta.com
moonspam.com
www.morillospinedo.com
nestable.dev
www.newblocks.app
nextrie.net
dev.nhadaiphat.net
www.oftnai.org
support.onpurpose.dev
www.oresundpay.com
poisedgenie.com
poletcarpentry.com
www.quifarcos.com
www.quiz-in.com
rayraasch.net
redesmyd.com
retrospectr.com
scalenextechnologies.com
scoupar.dev
campanha.shellscriptx.com
go.smartconsumertrends.com
id-dev.snapmentor.no
guardiansbingo.sqwadhq.com
stockroominventoryplus.com
dev.stuari.com
adexas-com.preview.supertonic.ch
www.alemana.syntropysystem.com
regex.systemdesign.no
www.techomech.com
pandolfini.thetislive.com
api-docs.tourlife.rocks
uandklimited.com
develop.ubamarket.com
vengo-power.ltd
www.whitfields.co.za
www.wordbird.pl
zzchen.dev
Other domains in certificate