SSL Certificate Analysis for team.wlff.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=haiconmeo.info

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

January 16, 2026

Valid Until

April 16, 2026 53 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

DE:02:0E:EA:EF:F3:4D:CC:26:C5:50:B5:BD:B4:DB:DB:05:DA:5F:AB:59:AF:74:D3:EE:EB:32:34:B1:49:67:B4

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

wlff.com *.wlff.com *.advert.wlff.com *.beta.wlff.com *.crm.wlff.com *.dev2.wlff.com *.help.wlff.com *.new.wlff.com *.news.wlff.com *.team.wlff.com *.ww16.wlff.com *.ww35.wlff.com *.www.wlff.com *.xxx.wlff.com

Other domains in certificate

bd247online.com *.bd247online.com

bundwoktx.com *.bundwoktx.com

clubhousebistroplaq.com *.clubhousebistroplaq.com

eikia.com *.eikia.com *.es.eikia.com *.naruto.eikia.com *.sailormoon.eikia.com *.tellmeastory.eikia.com

haiconmeo.info *.haiconmeo.info

*.analytics.jewelrywebsite.com *.blog.jewelrywebsite.com *.control.jewelrywebsite.com *.crm.jewelrywebsite.com *.galeria.jewelrywebsite.com *.insurance.jewelrywebsite.com jewelrywebsite.com *.jewelrywebsite.com *.lab.jewelrywebsite.com *.ms.jewelrywebsite.com *.navicat.jewelrywebsite.com *.random.jewelrywebsite.com *.reservation.jewelrywebsite.com *.training.jewelrywebsite.com

*.ggrywa.jtjp2x5.mom jtjp2x5.mom *.jtjp2x5.mom *.sgn3z0.jtjp2x5.mom

loanworkout.org *.loanworkout.org

mamui.site *.mamui.site *.ww38.mamui.site

mestrechani.com *.mestrechani.com

mundofibras.com *.mundofibras.com

*.darynsplumbing.n.co.za *.f.n.co.za *.hostmaster.n.co.za n.co.za *.n.co.za *.ns.n.co.za *.r.n.co.za *.u.n.co.za

onlykarlixxx.com *.onlykarlixxx.com

*.1003319068.qaiuume.com *.1003326256.qaiuume.com *.1003406485.qaiuume.com *.1003754505.qaiuume.com qaiuume.com *.qaiuume.com *.th.qaiuume.com *.ww38.qaiuume.com

sfxy121.club *.sfxy121.club

sobat33.club *.sobat33.club

sozkero.click *.sozkero.click

*.email.stockingxxx.com *.mail3.stockingxxx.com stockingxxx.com *.stockingxxx.com *.zmail.stockingxxx.com

stopvapinghypnosis.com.au *.stopvapinghypnosis.com.au

taxane.de *.taxane.de

tenkawacamp.com *.tenkawacamp.com