SSL Certificate Analysis for beta.qaf.com.au - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=3kings.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 13, 2026

Valid Until

September 11, 2026 87 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

03:3C:32:CF:2C:DF:9F:9F:16:CF:77:6E:E8:56:80:62:3D:31:8E:D7:34:37:AD:EF:9E:49:1A:4F:C3:8F:47:7D

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

qaf.com.au *.qaf.com.au *.analytic.qaf.com.au *.beta.qaf.com.au *.ww17.qaf.com.au *.ww25.qaf.com.au *.ww38.qaf.com.au

Other domains in certificate

004.uk *.004.uk *.dev.004.uk *.payment.004.uk

3kings.com *.3kings.com *.eventbrite.3kings.com

adamkvasniak.co *.adamkvasniak.co

bilinneoldu.com *.bilinneoldu.com

*.account.bobbiegoodsshop.online bobbiegoodsshop.online *.bobbiegoodsshop.online

boccaccio.life *.boccaccio.life

*.blog.broilershaleunopened.com broilershaleunopened.com *.broilershaleunopened.com

defendbargains.click *.defendbargains.click

diggerdan.com *.diggerdan.com

docteursprimontbernadette.be *.docteursprimontbernadette.be

dominosend.click *.dominosend.click *.ww25.dominosend.click

error-lofi.com *.error-lofi.com *.help.error-lofi.com *.ww38.error-lofi.com

fmexpression.com *.fmexpression.com *.random.fmexpression.com *.ww25.fmexpression.com

galaxyautoglasslv.com *.galaxyautoglasslv.com

*.311a898fa715ed8adf913d70accafb52.hires.com.au *.autodiscover.hires.com.au *.d83e5d0f1887fda3a330063984a75803.hires.com.au hires.com.au *.hires.com.au

kasw.net *.kasw.net

lol777bet.com *.lol777bet.com *.m.lol777bet.com *.socket.lol777bet.com *.ww38.lol777bet.com

*.anastasia-149736.ly8jr69.xyz *.freeda-911936.ly8jr69.xyz *.juanita-744381.ly8jr69.xyz ly8jr69.xyz *.ly8jr69.xyz *.maiya-650635.ly8jr69.xyz *.marion-790603.ly8jr69.xyz *.norma-474089.ly8jr69.xyz *.syble-262420.ly8jr69.xyz *.valentine-113728.ly8jr69.xyz

*.magento.mytonie.de mytonie.de *.mytonie.de

*.davidz.ornstein.com *.dr.ornstein.com *.m.ornstein.com ornstein.com *.ornstein.com

prob.life *.prob.life

saint-thegonnec.fr *.saint-thegonnec.fr

satorugojo.com *.satorugojo.com

thumskitchenthaicuisine.com *.thumskitchenthaicuisine.com *.thumsthaikitchen.thumskitchenthaicuisine.com *.ww25.thumskitchenthaicuisine.com

*.mx7.vodkashots.com *.ns1.vodkashots.com *.random.vodkashots.com vodkashots.com *.vodkashots.com