Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=veil.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 06, 2025
Valid Until
January 04, 2026
51 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
46:1D:DC:08:DF:D9:F8:D0:EE:9B:8C:49:1F:EF:9F:CC:6F:8B:5B:94:77:C3:C6:FD:21:72:19:15:EF:0F:F1:A7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
trackflow.ca
app.4tars.com
69-spa.com
alfra-estudios.com
amirm.online
www.aniyaaedition.com
madurai.azhagudroptaxi.in
www.ideasintoinnovation.belovance.com
blog.bliscout.com
www.bople.app
customer.canarahsbclife.com
firebase.cardapp.me
carelinelive.app
giveaway.casttree.com
chrisplitz.com
www.web.chulesi.com
health.clay10.co.uk
www.jrgroups.co.in
www.wellname.com.hk
links.copingcard.com
scanning.cresicor.ai
dash.cryptopets.tech
exec.dev.dashride.com
www.devoro.co
www.djms.app
dashboard.ecomagent.eu
ehrbar-bb.de
www.enrichtrust.in
crfbuilder.ephealth.com.br
wl.l.frequentvalues.com.au
geerenergy.in
generalphysician.in
restauranteur.gourmetguide.co.uk
testing-tendencia.grupomeiko.co
diversity.guarentee.ca
www.haengineeringpk.com
historyofglasnevin.com
wlportal.hotelbookingservices.co
www.hourz.app
humbility.io
hverse.in
gdc22.hypervr.games
webcomponents.iatros.app
ideolog-compass.com
busamurai.itmlive.in
samples.iwiz.in
www.jasonjean.io
kolven.dev
www.li-tian.me
www.mans.fit
www.mariobabuljak.com
s.maxtech.me
penguinfury.mbitgames.cloud
www.moby-d.fr
mycirrus.app
nagyiemlekei.com
nivin.design
orzeszek.org
staging.ownplate.today
packersne.ws
www.packhappytravel.rentals
intern.partiful.app
www.picloud.llc
gallery.pigmentapp.co
app.playz.com
pomodot.io
www.pork.city
links.melos.progrit.work
punchred.xyz
pwatungsten.app
portal.rajagurucrackers.com
dashboard.vocus.ratemycx.com
auth.prod.rejsalligevel.dk
remote-link.online
vr.rentr.co.za
riply.me
riply.org
www.rour.company
safsham.love
santalist.app
sernix.net
link.shared.media
dashboard.sinou.io
nqe-singapore-m.soitec.net
redirect-test.spwn.jp
surakshasumptankcleaningservices.in
system.5050.style
www.tempo.live
thepicklelab.in
thessbus.gr
app0.trayn.com
share.trinitybroadcast.tv
tugo.app
vanguard-tek.com
veil.app
supplier.vinid.net
developers.workast.com
auth.xtopia.io
zsottu.hu
www.zufaradnan.com
Other domains in certificate