Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=geometric-insights.anagraph.io
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 23, 2025
Valid Until
February 21, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
07:66:15:50:0B:69:F9:5E:29:5A:DF:6D:3C:CD:9C:02:5F:A4:FF:75:7F:10:5C:52:0F:A0:FF:3B:47:7C:31:DF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.yobibit.nl
451f.ai
geometric-insights.anagraph.io
www.bodies.audaces.com
www.ayanengenharia.com.br
www.belgefest.by
hq.birrieriaarciga.com
anotaai.blog.br
app.byteblockchain.org
chatwithrob.online
chinatrading.co
www.sounddiffuser.co.kr
beta.contentmedia.xyz
auth.cryptoexplorer.cc
www.csc-ca.com
portal.ddxbiz.com
eanscode.com
css.ebrana.cz
edonizia.com
photography.eexit.net
enchantedartgallery.net
workspace.endless-app.com
www.felixpham.com
app.ferial-e.com
link.findmeonradar.com
www.firebaseopensource.com
gandanapp.com
hub.geisterkatze.art
demo.gethigher.io
hop.gext.it
www.goodbyte.no
guiaresto.com.ar
highefficiencyhouse.com
uni.highschool.my
ilkboswego.impactwrap.com
inciprocal.com
app.infltr.com
intelligentparadigm.com
www.joshtrains.com
www.justekt.co.jp
zendesk-handover.kindly.ai
www.klikkie.nl
pay-qa.kravia.ai
krisfit-nutrition.de
www.lavishgreen.com
app.liftup.fitness
retail.livingskiescannabis.ca
liyunhe.cn
auth.loyals.us
www.manthanlearning.com
tupsp.messytable.games
who-won.nathandowner.com
byod.netxautomation.com
v2.experience.pms.sandbox.nowlvble.com
nufisites.shop
app.oida-app.com
hava.onedome.com
app.onepms.net
www.password.garden
link.pegboard.ai
capa.empresas.promart.dev
dev.psimple.com.ar
mailmgt.publigo.app
www.pulsorax.cfd
admin-panel-dev10.qlub.cloud
ngx-breadcrumb.ranout.xyz
www.reservationmanager.org
www.restauranteinteligente.pe
www.roughrhythm.com
www.royalpacifictrade.com
sahaikaset.com
design.sebasiland.com
shraadh.org
www.smcorwine.com
www.solaramaral.com
reunion-investments.solerabank.com
souhaib.dev
firepad.ssig33.com
hangman.stephenprabhu.com
th.stockvip.co
kathryn.stranex.com
suxxusglobal.com
www.tennisbash.com
thexxway.com
thriveedai.org
timeclever.com
stage.totem.org
tradediff.com
www.training-fellow.de
goldulf-dustpunch.urtropedesigns.com
uvieca.com
www.veronicakisakafoundation.org
www.vicpci.com.au
www.vladretca.dev
auth.webhookify.app
weddingtails.com
williamhokin.com
www.wkaichan.com
xsoftex.com
zagnetic.com
Other domains in certificate