Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=geia-app.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 20, 2025
Valid Until
February 18, 2026
88 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
BF:32:1D:1C:AB:3B:9E:F9:53:4F:D7:B6:CD:17:E5:73:F7:7D:95:F1:A7:5B:3F:CD:95:21:B6:ED:C7:37:A4:90
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-lVokRBAiB3mERGuLv5SAaQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link.flatflow.de
www.0xenproject.com
100brokenpixels.com
demo.4mile.io
www.adamgienapp.com
advertisingdata.com
allstarcup.se
alphoenixdesign.com
www.amaan.info
dl.among.world
bms.antion.io
aorum.io
www.apotheekverdonckverpoort.be
aquafiltrationgroup.com
www.aquafiltrationgroup.com
www.archino.net
arvian-snowboarding.com
austinshalit.me
tramites.aymo.es
www.aysventures.com
bascope.net
be-mine.benjaminkomjathy.hu
www.caeserv.com
www.carseekeu.com
gestion.centromedicopaleari.com
www.christophernixon.ie
cafelavanda.clau.io
app.cloudpin.it
codywilliams.dev
compounding-growth.it
www.cyberdoc.com.br
daleca.it
api-v2.dash.bar
demopensioenbijvlc.nl
dine-oppskrifter.no
dmendoza.dev
registration.e-agricom.net
www.emmaandgracefoundation.org
enshure.us
app.extasy.com
happyface.freelivenet.com
www.futbolmatch.com
employee.gajiku.dev
www.galiandleo.com
links.gba.gg
geia-app.com
www.geomaxgame.com
globacleanpedidos.com.mx
app.gofloat.io
hippobase.io
househuntindia.com
www.howwefeel.org
www.ibergenil.com
web.immigreat.global
education2.indiandevelopers.org
www.infina.ca
l.lacriee.ch
www.latersteve.org
localice.io
loooter.com
massagehealthcoaching.nl
www.mastercardnexustour.com
mazi.mx
medizealpharma.com
l.memeize.me
demo.myoworks.us
mytechdreams.com
nababkhan.com
app.nutridesignlab.pl
stg-chat.otc-event.jp
resgate.pontuax.com.br
www.projectcapsule.me
protextor.co
auth.quickrup.com
vgs.r-devstudio.com
quiz.reactriddle.com
dashboard-staging.reloxrobotics.com
admin.riskomer.com
geobrowser.scientificsw.com
app.seosiri.com
www.serviplan.mx
app-teste2vias.sistemasimo.com.br
www.smafathers.org
ressif.speakylink.com
www.srijonmarble.in
auth.supertone.com
teacapps.com
therunningnotes.com
www.topworkinternational.com
ulinkhelp.co.nz
urielle-group-job.net
staging-bulk.valuechecker.net
www.varejo360.com.br
gym.verticalshelter.fr
vipindev.com
www.viusasa.com
www.mine-tm.webredirect.org
tistest.wonder-sys.com
blog.wuwon.me
y-i.jp
Other domains in certificate