Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.kravensa.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 01, 2025
Valid Until
January 30, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6B:05:26:D6:21:B4:61:74:77:19:7A:58:AB:08:46:36:EC:35:BA:9E:8F:E3:88:B3:A6:56:75:AC:C8:56:96:1F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.speech2subs.com
lowes-kit-style-quiz-prod-b.3dcloud.io
item.adora.gift
akarshitbathla.com
preview.amicaldo.dev
arcasya.ai
asobito.jp
dev.admin.autourdesparents.fr
www.basket.style
www.bottari.com.au
oktoberfest25.bracelit.es
demo.cao.app
casperdesign.no
www.cbannon.com
sales.dflash.co.id
easter.pugshop.co.kr
tgif.com.my
cortexlab.digital
ghazali.dashrim.com
dorodango.hu
link.enyoi.app
rekkons.ertim.org
dev-biz.eventors-japan.com
fhb25.exonix.com.au
fablia.site
fantasyfang.com
findmyai.org
frokus.app
staff.greaterheightssch.org
gunz.com.br
landing-stage.habio.app
demo.hosetee.com
www.hspaintinggroup.com.au
htechdigital.com
pay.iboksminilager.no
expo.ibranchrecruiters.com
www.ibranchrecruiters.com
www.iconlegal.ca
amcivil.indiandevelopers.org
note.infini-group.co.jp
irisanimate.com
qualicliente.portalcliente.izii.io
jhochart.fr
kanyewondersafaris.com
www.karate.services
admin.kidsupsoroban.vn
admin.koderia.sk
www.kravensa.com
lespetitslardons.fr
limamoveis.com
style.linky.app
admin.localsearchweb.ch
mapseguridadmx.com
match-up.co.za
melfar-serviceudlejning.dk
mercaderes.cl
admisiones.mikareno.com
plataforma.mindfulcare.mx
app.moc3ai.dev
chat.murarinayak.com
nanwannawatresort.com
link.nexhome.nexinnovation.in
password.nexhome.nexinnovation.in
api.onflix.app
sola.or.jp
link.padelkings.fr
pikorua.in
painel.pilotar.app
www.playeragent.ai
www.playerscout.ai
polly.fyi
www.pratyanchagroup.com
console.predictiv.com.au
primatasmkt.com
raykoeller.de
app2-filtradapira.refiltek.com.br
forms.res-cue.com
algorithm-visualizer.roaakdm.com
romanrosson.com
testing.sabaq.io
salamconstruction.com
saudakaro.in
global.admin.sglcertified.com
skillsyncs.com
m.sonicbroom.ca
soundbunker.net
spatialfeelings.com
spyfrost.com
material.src.zone
api.superea.sv
www.tabisako.com
todonaturalle.com
noveal.vv.toysfilms-interactive.com
dlink.tradeitsocial.com
transswag24.in
www.tudosobcontrole.com.br
www.u5soft.jp
www.vdenboer.com
verbatic.io
visaconnect.fr
Other domains in certificate