Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=verticalswap.com
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 05, 2026
Valid Until
May 06, 2026
84 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
C3:0D:71:9C:E7:34:C9:3C:CD:00:7B:67:BC:6D:61:9B:16:3D:E1:55:A6:4F:94:4A:1E:36:C6:E0:A6:CE:9D:B9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
olhos.com
*.olhos.com
*.vpn2.olhos.com
aliexprpess.com
*.aliexprpess.com
*.ww25.aliexprpess.com
alrafiq.com
*.alrafiq.com
*.ww25.alrafiq.com
*.www.alrafiq.com
autumnlane.com.au
*.autumnlane.com.au
*.cpcontacts.autumnlane.com.au
*.data.autumnlane.com.au
*.wildcard.autumnlane.com.au
*.ww38.autumnlane.com.au
bouto.com
*.bouto.com
*.www.bouto.com
carewellseiu.org
*.carewellseiu.org
*.random.carewellseiu.org
*.ww38.carewellseiu.org
cityoffriendswood.com
*.cityoffriendswood.com
*.ww38.cityoffriendswood.com
ilicak.com
*.ilicak.com
*.ww16.ilicak.com
immanuellutheranschool.org
*.immanuellutheranschool.org
*.ww38.immanuellutheranschool.org
juguera.com
*.juguera.com
*.vpn1.juguera.com
juicyjay.com
*.juicyjay.com
*.random.juicyjay.com
*.ww25.juicyjay.com
*.ww31.juicyjay.com
*.hostmaster.kohkoku.com
kohkoku.com
*.kohkoku.com
*.app.minar.net
minar.net
*.minar.net
*.ssl.minar.net
*.vpn1.minar.net
*.webconnect.minar.net
*.ww17.minar.net
minersbank.com
*.minersbank.com
*.ww16.minersbank.com
mobfire.com
*.mobfire.com
*.sitemap.mobfire.com
navaconcejo.com
*.navaconcejo.com
*.ww38.navaconcejo.com
*.amchron.soundenterprises.net
*.exchange.soundenterprises.net
*.pp.soundenterprises.net
soundenterprises.net
*.soundenterprises.net
*.support.soundenterprises.net
*.a7447def-35e4-43c1-b535-b93cee2d80ca.sugarfactory.tech
sugarfactory.tech
*.sugarfactory.tech
*.sslvpn.tagawa.com
tagawa.com
*.tagawa.com
*.vpn2.tagawa.com
*.ww01.tagawa.com
*.comune.toygaming.com
toygaming.com
*.toygaming.com
*.s5kjz.tv741.top
tv741.top
*.tv741.top
*.login.sephora.us.com
sephora.us.com
*.sephora.us.com
*.staging.sephora.us.com
*.random.verticalswap.com
verticalswap.com
*.verticalswap.com
*.intel.zinge.com
*.vpnssl.zinge.com
zinge.com
*.zinge.com
Other domains in certificate