Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=mechsoftsolutions.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 15, 2025
Valid Until
March 15, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D2:DF:EF:60:2F:B1:57:BB:EF:BA:AC:BA:6B:28:31:F4:A4:0B:7B:0D:CE:F2:A2:D5:D3:78:68:49:08:EB:92:A1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
playfast.com
100pa.com
dallastx.aaacwildliferemoval.com
abnermarcelocorretor.com.br
addgroups.net
fm.addxt.com
www.alllocal.de
www.arcobaleno.inc
artkart.lt
arvin.app
av.uz
app.beepsheep.com
le-carnet.behaghel.org
www.bistro.gr
bstkekipazas.lt
bytepluto.org
calibreat.com
christ-acc.org
addlicenceid.pointstar.co.id
www.contratsdetravail.com
www.crfono.com.br
gugueltv.criptan.es
skicams.dejan.dev
mp.dlorders.com.br
auth.dunk-app.com
www.cma.edu.sv
checkout-hml.englishbreaker.com.br
qa.kamal.entelocean.io
hsse-maersk-landside-services.estudiocactus.com
feralrabbit.co.uk
www.fhqm.org
app.fitap.co.uk
www.fmoving.com
www.freshva.com
prod.geneyx.com
getopenin.app
mortonhall.glanceirw.com
directory.hacklodge.org
unity.sdk.networkeffects.halfbrickapis.com
happiness-stamp.com
link.harkpodcasts.com
kassa.homeofzen.nl
www.iamhanli.com
imarjunpshaji.online
invite.incrediblemaths.com
rental-web.jazertechsolution.com
www.jk-holkynavdavani.cz
joerromano.com
www.joshuascorner.net
backoffice-dev.ka-ching.dk
www.karleby-jakobstadflygplats.fi
v2.kiwibudget.com
staging-designthinking-webapp.knolskape.io
kollektiv-zuerch.com
passchange.laguinda.app
lionsdenbiltong.co.za
business-stg.lolaloyalty.com
luthervillelabpta.org
inv.mcom.app
mechsoftsolutions.com
mobileautoelectriciancairns.com.au
bootcamp.msoma.org
homekit.mymoons.mx
nosolicitingsolicitors.com
app.noytrall.com
nurhanozcan.com
nysaclan.xyz
juventusmuseum.orpheo.cloud
outfit-genie.com
app-staging.paddo.co
app.parkey.io
auth.google.pedranet.com.br
links.penmark.jp
www.probeautyoficial.com
projetocreacoes.org
ramdigital.com.mx
api.rba.su
www.rednetbusiness.com
relianceguarantees.co.za
www.rickgroot.nl
roomer.in
xmas.rorygibson.com
skvermile.com
www.skypalace.net
lookatme.sparkfabrik.com
northcarolinascratch.sqwadhq.com
stagingsb.com
www.starter-homepage.de
energiebalansplanner.stateless.nl
app.superlemon.xyz
bodagabyymarco.swanmoments.net
www.tadris.app
www.tamilsongslyrics123.com
thegreentable.it
reporting.torrefactory.coffee
dev.go.wavecxm.com
www.emiconnect.web.id
backoffice.test4.weblium.io
wifile-app.tk
xtheweb.com
Other domains in certificate