Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=hackathon.ec-play.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 14, 2025
Valid Until
March 14, 2026
58 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
0C:B9:DB:75:31:E8:79:5A:E9:0F:EA:88:C3:25:04:45:33:6C:93:58:F7:EC:DC:62:D1:7F:35:6A:64:90:A3:A1
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
jekot.net
petproject.23rdherd.com
www.3beconsulting.com
manual.acromatico.co
links-gmde.acty.com
www.alzahrahajj.com
insh.appducks.com
app.atomslearning.com
auntstellashop.com
ngsprekleapeclass.auxswot.com
www.avantikavacations.com
www.bandb-entertainments.com
cente-app.centetech.com
charityjob.app
staging.hrms.stulzindia.co.in
copypaste.co.za
www.creculture.com
www.cuieaglesathleticcamps.com
connect-s.dev-ltl-xpo.com
dhruvam.blog
www.diclinics.in
diveshpanwar.dev
firebase.mymilk.dmk-it.dev
www.dthomestayshimla.com
mns.e2e.agency
hackathon.ec-play.com
www.energiatehokkuussopimukset2008-2016.fi
www.fluidlabs.xyz
webhook.stable.fstaff.com
www.glialnet.com
www.hahanono.com
haryanasecurity.com
www.highrow.in
clicks.hipposrl.com
www.homegen.ai
hcp-dev.hosand.it
hydroindustries.dev
feedback.ibo.app
homolog.inovaed.com
eiii.io.vn
lib.jacq.dev
blueskywidget.jayohen.com
www.karsthammer.nl
fortify-digital.kreatewebsites.com
harmonic-events.kreatewebsites.com
www.kumaragurus.com
langcentral.com
amsterdam-lucht.lobelia.earth
demo.maamen.com
manojpharmaceuticals.com
gateway.midwayspeedpark.com
minascristais.com.br
minilith.se
dev.admin.minsparta.ru
chat.mobilesoftapps.it
tmp.morgansolar.xyz
www.mycda.app
ng-my.org
www.nicolaszanotti.com
niklas-hauschel.de
www.nsicomonitor.com
opentmrw.com
www.opligence.co.jp
otospector.com
ozce-seguros.com
www.piaogerik.no
app.pristinepotty.com
appdev.qrmenu.biz
vellore.rainbowsdroptaxi.com
www.raoahmad.com
www.ratetherefs.app
renrii.com
retailjob.app
rigchecksems.com
rizzanne.com
app.roellie.nl
rosareven.com
www.rostysokolov.com
salut.cards
w.scoop.tech
simonhbor.com
consumo.simtools.mx
app.sinergieperaziende.com
agora.sinova.co
www.slots188.com
auth.smrtns.com
pw1.sophiasharif.com
stylesservicesgr.com
admin.tacticalpitch.com
techflow.net.au
admin.technotriumph.app
devaccounts.tecxprt.com
www.teunpijnappels.nl
thinple-inc.jp
tbb.toastysoftware.co.uk
torneriajoseojeda.com
hastag.vyeron.com
app.whattodo.vu
xke.xebia.com
zacmawson.com
Other domains in certificate