SSL Certificate Analysis for wirach.my - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=theecotrunk.com

Issuer

C=US, O=Let's Encrypt, CN=YR2

Valid From

June 12, 2026

Valid Until

September 10, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

BB:F7:0D:C8:B0:B3:3A:5E:0B:49:32:68:A9:02:80:EC:9A:25:F7:BC:69:6D:F6:8F:C3:A1:26:31:36:8C:33:32

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

wirach.my *.wirach.my

Other domains in certificate

1db1clx.top *.1db1clx.top *.39ir6.1db1clx.top *.cc2mm.1db1clx.top *.kwid9.1db1clx.top

aphsc.org *.aphsc.org *.cara.aphsc.org *.cevod.aphsc.org *.faq.aphsc.org *.gizej.aphsc.org *.kur.aphsc.org *.kyxaj.aphsc.org *.muhu.aphsc.org *.tury.aphsc.org *.vek.aphsc.org *.waral.aphsc.org

binanced.com *.binanced.com *.hostmaster.binanced.com *.random.binanced.com

cajun.locker *.cajun.locker *.mail.cajun.locker *.secure.cajun.locker *.test.cajun.locker *.web.cajun.locker

chainleather.com *.chainleather.com *.roma.chainleather.com *.venise.chainleather.com

*.app.citihome.com citihome.com *.citihome.com *.dallas.citihome.com *.moodle.citihome.com *.schnapps.citihome.com *.secure.citihome.com *.share.citihome.com *.uthpc.citihome.com

*.assets.kokoby.online kokoby.online *.kokoby.online

*.cld3tx.nazlihane.org nazlihane.org *.nazlihane.org *.sitemap.nazlihane.org *.www.nazlihane.org

*.64z.oo64.com *.hostmaster.oo64.com *.m.oo64.com oo64.com *.oo64.com

*.mail.saci.io saci.io *.saci.io *.ww25.saci.io

searchebook.online *.searchebook.online *.ww25.searchebook.online

*.app.sehirbilgi.info sehirbilgi.info *.sehirbilgi.info *.shop.sehirbilgi.info *.uat.sehirbilgi.info *.vrdvdadmin.sehirbilgi.info

tennistug.com *.tennistug.com

theabandonedonline.com *.theabandonedonline.com

theecotrunk.com *.theecotrunk.com

transpo-usa.com *.transpo-usa.com

tsxyif.cc *.tsxyif.cc

tunbarnod.com *.tunbarnod.com

ugwlgt.cn *.ugwlgt.cn

xlgfwg.top *.xlgfwg.top

yausa.qpon *.yausa.qpon

yxusg.qpon *.yxusg.qpon

yzkkf.my *.yzkkf.my