Open
Cached
·
just now
79/100
SECURITY SCORE
Certificate Information
Subject
CN=testlogin.geoffcheck.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 23, 2025
Valid Until
January 22, 2026
69 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A3:DE:EF:91:79:B6:2E:D0:81:CA:0E:14:94:9B:C9:C5:7E:5E:82:64:75:5A:6A:06:E5:76:50:CD:D0:61:BB:D7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Weak
frame-ancestors
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
mmis.edu.ph
perfectstorm.12traits.com
360.agileautomation.ca
acumen.llc
taskforce.alaqsa.tech
next.alka.app
littlesis.amplifiedlabs.xyz
apa-statistics.com
www.apotheosis.io
aseka.id
www.astroflow.app
appdev.atoms.cloud
autisticdev.com
bandquarters.fr
gru.nexdata.biz.id
bloglancea.com
app.blurt.blog
www.boldandbright.co
demo.breastfeedingblackbabies.com
calicocreatives.net
catholicam.app
www.catholicam.app
www.ciclometrics.com
asquire.co.in
espace.codeffekt.com
codenurtures.com
media.myshop.com.in
post.myshop.com.in
market.trueboss.com.ph
dancerapp.co
oproxy-dev.demisto.ninja
wecook.for.dinii.jp
clinic.shelf.doctorbook-cs.jp
dragoon.app
salesdocpilot.dreambigwithai.com
visit.test.einfachgast.de
estancosdistillingcompany.com
www.evoadministradora.com.br
link.mimasaka.examica.io
www.farshad.mobi
filokar.com
fintally.uk
fluentcontrol.com
gamebites.xyz
testlogin.geoffcheck.com
gfisher.net
x1.golfpass.app
goodvibeslab.app
gptmt.100.pn
static.hennamiranda.com
imiexpres.sk
petro-tetiana.invito.link
arena.joymo.no
pikura.jyukatsu.tech
www.kardiowerkstatt.de
front.kivara.dz
www.admin.rynamic.koraxis.com
www.rynamic.koraxis.com
www.lacnog.lat
leadexcellence.se
leosmak.com
kilbi-songgl.limemotion.com
markets.media
referral.marx.lk
md51.online
mettal.io
www.educadoras.mijardinjunji.cl
www.mnksoft.info
app-dev.mxgo.tech
nextlevelresume.co
nexusplatform.co.uk
www.onemilliontweetmap.com
auth.partygo.hu
admin.pharmappvet.com.br
www.piccoliamicialba.it
ummahhotel.pyzasoft.com
vendor.qlub.cloud
www.rhodescre.com
s2-cdn.roadcast.net
saxumlegal.ng
staging.schedulify.app
auth.edge.senecalearning.com
sharratt.tech
www.skillresults.com
sms.socaltechbridge.org
admin.softdevza.space
sokol.enterprises
www.soliact.net
soothe.me
react-general-sandbox.staffshift.com
www.stb-meyer-burgwedel.de
templeblends.co
tradein-dev.tenx.nz
torneionapraia.com.br
api-data.upflowy.com
vetlinkapp.site
weprintwithlove.com
wilsonung.com
dev.timer.zeestrataca.com
avatar.zthd.io
Other domains in certificate