SSL Certificate Analysis for parent.hackforplay.xyz - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=checkout.qknowedtech.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

December 22, 2025

Valid Until

March 22, 2026 86 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

E4:D9:0E:32:18:CA:0A:48:87:E4:FD:BF:DA:B6:C4:54:C5:F0:02:E2:1C:41:A0:00:7E:A1:C7:A5:DB:A1:61:A8

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

parent.hackforplay.xyz

Other domains in certificate

101creatives.ca

22.fndrsng.com

www.5hiftsolutions.com

admin.dimaro.bard.aabass.net

app.anki.life

armenta.dev

spkcashier.auxswot.com

www.baraobar.com.br

staging.blockframes.io

www.causality.io

last-played.cimma.dev

test.fwc.co.in

beta.cognizance.vision

book.colavosalon.com

sillones.comounexperto.com

firebase.coverpay.com.br

d2c.live

www.dana-ventures.id

distalindustries.com

app.dmenu.com.ar

truecare.drtis.com.br

ducrows.com

e-gukhwa.com

www.elh.com.ar

www.emersontorres.com

emzeedetailers.ca

www.evxpertz.com

app-test.f2rt.com

simplyproperty.finlup.id

www.flarecollective.co

recruit.foodtech-capital.com

app.forgechat.online

kb.fridaplatform.online

frostybasket.com

gathertomorrow.com

admin.giftameal.app

www.grandviewfbla.com

docs.grouplinknetwork.com

dev.rewards.grupoxalka.com

www.hidden.land

indexync.com

www.laxxco.com

bdash-docs.leach.co.jp

commandes.lescomptoirsalice.fr

limelimelabs.com

hub.logicwind.co

www.houseburger.lupi.delivery

martaiuga.com

open.marusho.io

mazeout.dk

surgery.medprax.in

meshellsturgis.com

app-dev.mtnra.com

mumufabrication.com

mustafamasvi.com

najimi.dev

nargil.net

pic-tipster.mentor.neccton.com

neuroed-for-all.org

www.newemperium.com

www.nummi-app.com

onion-ring.com

online-banfook.com

opalhydraulic.com.au

fb.openpu.sh

outjet.com

menu-digital.paul.fr

picslocorp.com

webview.pilotar.app

bestellen.pizzapronto-gladbeck.de

plenidei.com

www.pmhlda.com

pointpostapp.com

printercounters.com

www.qam7a.com

checkout.qknowedtech.com

reeftiles.com

restauranteelpikoteo.com

marketing.ricebowl.my

salomebecker.co.za

schwiesowdrilias.com

securesendsign.com

test1.seva-u.com

app.sfaktura.sk

www.simpledataset.com

www.singinglessonsleicester.com

socmedaccelerator.com

www.solpiccoinmuebles.com.ar

sonebusinessgroup.com

taliferro.com

www.tamimabbasaljuratli.com

www.taohsiehwushu.com

techiegra.com

holo.tesseract.in

theperfectboardgame.com

upcoming-spacex.com

verebral.com

links.wise.live

yasingedik.com