SSL Certificate Analysis for admin.weeklyath.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=3-6-9drop.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 18, 2026

Valid Until

August 16, 2026 75 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

F9:A7:04:CB:3B:E1:CC:76:24:A0:D3:CF:1F:F4:9A:E9:1F:38:95:90:09:C4:39:E7:CE:53:08:70:0A:6C:D6:95

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

weeklyath.com *.weeklyath.com *.admin.weeklyath.com *.api.weeklyath.com *.app.weeklyath.com *.backend.weeklyath.com *.dev.weeklyath.com *.mysql.weeklyath.com *.www.weeklyath.com

Other domains in certificate

3-6-9drop.com *.3-6-9drop.com *.remote.3-6-9drop.com *.staging.3-6-9drop.com

*.app.cryptocoinmerchant.com *.book.cryptocoinmerchant.com cryptocoinmerchant.com *.cryptocoinmerchant.com *.hmouwapp.cryptocoinmerchant.com *.imap.cryptocoinmerchant.com *.m.cryptocoinmerchant.com *.test.cryptocoinmerchant.com *.www.cryptocoinmerchant.com

edc.education *.edc.education *.lms.edc.education

numberstoxeyinjurylawyersgroup.com *.numberstoxeyinjurylawyersgroup.com *.share.numberstoxeyinjurylawyersgroup.com

*.0tf2r.turuncufile.com *.1.turuncufile.com *.18.turuncufile.com *.266.turuncufile.com *.27643.turuncufile.com *.293.turuncufile.com *.30bh2.turuncufile.com *.4xvu.turuncufile.com *.5672184.turuncufile.com *.6379619.turuncufile.com *.65827.turuncufile.com *.6vg.turuncufile.com *.7wdlrop.turuncufile.com *.atqr.turuncufile.com *.cpanel.turuncufile.com *.d.turuncufile.com *.e30a0ox.turuncufile.com *.esz.turuncufile.com *.fecwhf.turuncufile.com *.fg.turuncufile.com *.kurcaiuf.turuncufile.com *.l.turuncufile.com *.legwy.turuncufile.com *.nfqt.turuncufile.com *.ngwc.turuncufile.com *.pb.turuncufile.com *.pxrq4h.turuncufile.com *.qkmljul.turuncufile.com *.qwhaz.turuncufile.com *.qxa7q4j2.turuncufile.com *.rpienc.turuncufile.com *.rzynwy8res5lz.turuncufile.com *.shj9y.turuncufile.com turuncufile.com *.turuncufile.com *.v8kgeie.turuncufile.com *.wpw.turuncufile.com *.wv33daf.turuncufile.com *.xlarqtn.turuncufile.com *.xrgvcinr.turuncufile.com *.y.turuncufile.com *.y8jf34b9.turuncufile.com *.ze05l.turuncufile.com *.ziorwjyp.turuncufile.com *.zs.turuncufile.com

*.admin.vipmv.co *.app.vipmv.co *.applemmcom.vipmv.co *.ashdi.vipmv.co *.book.vipmv.co *.comshdi.vipmv.co *.demo.vipmv.co *.jx.vipmv.co *.neti.vipmv.co *.uadi.vipmv.co vipmv.co *.vipmv.co *.ww12.vipmv.co

*.k5.zipsy.site *.ub.zipsy.site zipsy.site *.zipsy.site