Security Score: 77/100
Certificate Information
Subject: CN=mosaikplan.com
Issuer: C=US, O=Google Trust Services, CN=WR3
Valid From: December 10, 2025
Valid Until: March 10, 2026 (69 days)
Public Key: RSA, 2048 bit (Adequate)
Signature Algorithm: SHA256-RSA
SHA-256 Fingerprint: 5F:A0:A0:78:2C:B5:3B:21:1B:F0:D1:D5:D0:D3:9B:B1:E2:D7:1C:26:1E:57:C8:0C:39:51:F7:10:8A:6F:52:B6
Alternative Names
Security Configuration
TLS Protocols: TLS 1.2, TLS 1.3
Forward Secrecy: Supported (Modern clients use PFS)
HTTP Security Headers (Status)
Strict-Transport-Security: Present (max-age=31556926)
Content-Security-Policy: Missing (Not configured)
X-Frame-Options: Missing (Not configured)
X-Content-Type-Options: Missing (Not configured)
Referrer-Policy: Missing (Not configured)
Permissions-Policy: Missing (Not configured)
Recommendations
- Increase HSTS max-age to at least 1 year and add includeSubDomains
- Add Content-Security-Policy header to prevent XSS attacks
- Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- Add X-Content-Type-Options: nosniff
- Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records: Not Configured (Any CA can issue certificates)
CAA Issues
- No CAA records configured - any CA can issue certificates
Recommendations
- Implement CAA records to restrict which CAs can issue certificates for your domain
- This adds an extra layer of security against unauthorized certificate issuance
- Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names: 100 domains