Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=agm.veritascapital.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 12, 2025
Valid Until
March 12, 2026
57 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A9:22:12:B4:AB:8C:F3:54:29:92:EA:A8:D7:2A:A5:7E:D0:D6:97:C8:4B:09:87:AB:96:B2:FD:BF:F6:76:A3:60
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
spacecamp.la
kaboodle-nz-test.3dcloud.io
acchospital.com
admin.angolaservicehub.com
app.angolaservicehub.com
agbc-startupcube.ap-ta.org
zinzaneafiliados.appshare.com.br
shop.area434.com
lessee.at-port.com
accountability.baserate.org
boletas.pe
brdn.studio
www.calliopetechnology.com
cardetailing.fr
cboutlooks.com
business-staging2.chatmyorder.com
josersdiningoasis.clau.io
www.climbing-factory.com
rc.coders-x.com
email.service.codywakeford.com
www.luncher.com.ec
click.diab.com.vn
conker.xyz
evolis.ec3.tech
eci-events.com
ecto.tools
app.egp.vn
www.elianerosatrajes.com.br
emotionalsupportbots.com
www.eternalhopejewelry.com
auth.fiscusflows.com
www.fortx.tech
www.fourthrealm.vc
app.gastromoto.de
zoe-truck.get-ikigai.com
goalpointfs.com
hadeco-ltd.com
www.harshikajain.com
www.hatsumiden.org
hitechdesign.in
hoewerktpolitiek.nl
hungryteams.com
www.hypercasual.jp
inductcraft.com
www.inductcraft.com
inpatientpsychology.org
treemap.irepertoire.com
jaegermeisterspots.sk
jalofernandez.com
www.jiye-lee.com
joelcollyer.com
jonscannell.com
www.katoltmans.com
www.kepatotorica.vip
kfshook.com
konsyrokostas.com
leftthings.com
lightrunners.run
mad.mallaventura.pe
staging.application.menuize.com.br
minimfer.xyz
mr-chefs.com
nails-hawaiian-bar-lashes.mybestsalons.com
www.ndssoft.se
www.ng-de.org
nianacoach.com
www.nicolastawk.com
nimtaraandrukshan.com
www.novagroupnt.com.au
dev-doctor.novemapp.com
www.npchatbot.com
optimxsports.com
www.oximeeg.com
pawmotion.kr
www.performait.pt
www.pochi-tama-wn.com
ranipet.rainbowsdroptaxi.com
tirupathur.rainbowsdroptaxi.com
ravenrysystems.com
relative-ci.com
evento-develop.rogeriossantos.com.br
portal.smarthp.com.au
api.snapfurnish.com
sprakkampen.se
starkandbold.com
su-pay.jp
www.staging.taxhelper.dk
school.testpia.app
thrichard.fr
notes.tiffena.me
test.tractivity.se
tumentor.co.uk
app.vanialialimob.com.br
www.veganchemistry.in
agm.veritascapital.com
ideabook.walt.fyi
www.wikxhibit.org
installation.wincharge.net
www.yumyumtrax.io
share.zakat.org
Other domains in certificate