SSL Certificate Analysis for hostmaster.checkoutpoint.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=sneakersdelight.store

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 14, 2026

Valid Until

April 14, 2026 55 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

56:1E:DB:F7:88:3C:BF:37:0E:70:4B:EE:96:2E:A5:9B:B6:8C:A3:FA:A8:E7:B1:5A:06:A2:F2:20:D3:A6:52:A1

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

checkoutpoint.com *.checkoutpoint.com *.hostmaster.checkoutpoint.com *.maip.checkoutpoint.com *.mx.checkoutpoint.com *.old.checkoutpoint.com *.sitemap.checkoutpoint.com *.staging.checkoutpoint.com

Other domains in certificate

bikeboxrollers.com *.bikeboxrollers.com

bollywoodzilla.com *.bollywoodzilla.com *.web-stories.bollywoodzilla.com *.ww7.bollywoodzilla.com *.www.bollywoodzilla.com

boop.store *.boop.store *.d235bc9ea6ff.boop.store *.mail3.boop.store *.mx.boop.store *.new.boop.store *.ww25.boop.store

buysellswap.com.au *.buysellswap.com.au *.hostmaster.buysellswap.com.au *.random.buysellswap.com.au *.wildcard.buysellswap.com.au *.ww17.buysellswap.com.au

clementeleadershipacademy.com *.clementeleadershipacademy.com

fdne85.com *.fdne85.com *.www.fdne85.com

fun2night.com *.fun2night.com

gmbenfits.com *.gmbenfits.com *.ww25.gmbenfits.com

*.analytics.haxor.online *.api.haxor.online *.ci.haxor.online haxor.online *.haxor.online *.hotfix.haxor.online *.preview.haxor.online *.random.haxor.online *.reporting.haxor.online *.tasks.haxor.online *.viz.haxor.online *.webdisk.haxor.online *.ww25.haxor.online

*.api.mrjacks.bet *.mobile.mrjacks.bet mrjacks.bet *.mrjacks.bet *.news.mrjacks.bet *.ww38.mrjacks.bet

*.autodiscover.nostarve.io *.beta.nostarve.io nostarve.io *.nostarve.io *.ww25.nostarve.io *.ww38.nostarve.io

*.app.nsforourcom.xyz nsforourcom.xyz *.nsforourcom.xyz *.wildcard.nsforourcom.xyz *.ww.nsforourcom.xyz *.ww25.nsforourcom.xyz *.ww38.nsforourcom.xyz *.www.nsforourcom.xyz

olinger.group *.olinger.group

powerstations.com.au *.powerstations.com.au *.wildcard.powerstations.com.au

*.sale.sleepingtablets.us sleepingtablets.us *.sleepingtablets.us

*.sitemap.slottokek55.us slottokek55.us *.slottokek55.us

sneakersdelight.store *.sneakersdelight.store

*.git.soulelements.eu *.gitlab.soulelements.eu soulelements.eu *.soulelements.eu

videos3730.us *.videos3730.us