SSL Certificate Analysis for avli.me - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=mwave.live

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 11, 2026

Valid Until

August 09, 2026 59 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

26:C2:E9:9C:1F:BB:A9:C0:F6:9C:C6:8F:6D:6A:B0:D5:1F:CA:41:B3:05:1F:C6:F4:FA:A7:B1:25:68:8E:29:4B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

avli.me *.avli.me *.cpanel.avli.me *.old.avli.me *.uat.avli.me *.ww38.avli.me

Other domains in certificate

audvideo.com *.audvideo.com *.server.audvideo.com *.test.audvideo.com

carders.com *.carders.com *.mail.carders.com *.p.carders.com *.techno.carders.com *.webmail05.carders.com *.ww17.carders.com

collectorsdrop.com *.collectorsdrop.com *.dan.collectorsdrop.com

couponnx.in *.couponnx.in *.springboot.couponnx.in

cqrnm.com *.cqrnm.com *.img1-fg.cqrnm.com

fmoviefree.cc *.fmoviefree.cc *.ww16.fmoviefree.cc

*.32.futura.vip futura.vip *.futura.vip

*.1d2590db-4df8-4214-9547-e88cd176df1b.hillsylvania.info *.a.hillsylvania.info *.aec6dfd8-e6f4-46f2-9a49-3e8655260e21.hillsylvania.info hillsylvania.info *.hillsylvania.info *.voocyy.hillsylvania.info *.www.hillsylvania.info

*.32.mwave.live *.co.mwave.live mwave.live *.mwave.live *.new.mwave.live *.ww25.mwave.live

*.new.plasticsergeant.com plasticsergeant.com *.plasticsergeant.com

*.admin.slaki.com *.autoconfig.slaki.com *.autodiscover.slaki.com *.cloud.slaki.com *.drvpn.slaki.com *.email.slaki.com *.firewall.slaki.com *.gateway.slaki.com *.mail.slaki.com *.office.slaki.com *.portal.slaki.com *.ra.slaki.com *.remote.slaki.com *.rjwqdsmtp.slaki.com *.sitemaps.slaki.com slaki.com *.slaki.com *.ssl.slaki.com *.webvpn.slaki.com *.ww11.slaki.com *.ww16.slaki.com *.ww25.slaki.com

*.einrd.uyc.net *.newmail.uyc.net uyc.net *.uyc.net

*.alluadsts.vgmai.com *.dev.vgmai.com *.exchange.vgmai.com *.forticlient.vgmai.com *.ftp.vgmai.com *.imap.vgmai.com *.in.vgmai.com *.incoming.vgmai.com *.mail.vgmai.com *.office.vgmai.com *.owa.vgmai.com *.rdp.vgmai.com *.shop.vgmai.com *.test.vgmai.com vgmai.com *.vgmai.com