Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.mozsa.org
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 21, 2025
Valid Until
December 20, 2025
39 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5C:61:90:FB:C0:B4:74:02:7B:CF:E8:68:B4:3F:64:C8:63:D6:B3:DA:A4:45:9D:CC:B8:53:33:61:0D:C2:F4:3A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
i-mops.com
www.100brokenpixels.com
stage.pwa.godzilla.180app.com
2021.effective.band
www.2d.pics
recruiters-compass-staging.acelr8.com
acosh-admin.acuizen.com
www.agndevelopment.com
aguapp.org
www.alpaca-works.com
www.angelmichael.dev
beta.gamegalaxy.appyond.com
benasenso.com
www.bitetobalance.com
www.bridgeharris.com
mybupa-app.bupa.com.au
mutual.closelly.com
collinwhalen.com
compucon.ca
dantasoftware.com
app.dragon.com.co
dreijer-it.nl
durhambasketballclub.com
shareparo.emotto.org
www.engeframeengenharia.com.br
apr2006.euro2006.net
ezekias.dev
preview.fenixwebserver.com
mercado.flowpodcast.com
brado.fnhr.us
beta.app.fritzwater.com
gasse.fr
console.getcarebase.org
gisua.com
app.gmappros.ai
mentors.goblaq.com
haritashya.com
onboarding.immopad.com
www.inimagident.com
inrelation.no
www.j-vogt.com
typetypego.jakesmd.com
www.jcmeza.com
ratespresso.joryenmirthe.nl
www.katienorsworthy.com
app-staging.kele.com
app.kobiapp.io
krrainbolt.com
labodica.es
auth.laltin.me
landorkhoriforestpark.com
langurama.com
www.liatas.com
limitedsession.com
form-ddjj.argentina.gob.ar.lineadgroup.com
www.lords.finance
www.markcabanero.com
miakapp.com
www.mozsa.org
msauditors.org
mujiconsulting.co.uk
musicherogames.com
www.mustqbl.me
www.natalieromano.ca
www.newgame.studio
nomadsos.app
noorulislamacademy.com
oposcare.com
perkat.ltd
links.playhunch.com
share.pltmarketplace.com
postidag.no
pulse.cash
www.realtydigitals.com
online.games12.rf.gd
rocketreach-privacy.com
www.rosehulmanprojectvault.org
dev.rotapad.com
rschahar.com
www.rymachines.com
www.sakewiz.com
loan-calculator.shopeephbi.com
yondane.shumitas.com
app.sophya.world
www.squadra.work
app.dev.staging-bookbites.com
docs.storysynth.org
substytucja.com
www.supporttree.org
techgirlstory.dev
tglawgroup.com
static.thelux.mx
www.unnon.com
uptightchill.com
vertexchain.world
webcrft.co
wonatti.es
bachelorparty.wrightko.be
qa.internal.xalting.com
zenokoller.ch
Other domains in certificate