SSL Certificate Analysis for avoidable.tech - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt Active incidents

Certificate Information

Subject

CN=avoidable.tech

Issuer

C=US, O=Let's Encrypt, CN=YR1

Valid From

June 04, 2026

Valid Until

September 02, 2026 67 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

20:4D:28:31:F7:2C:CE:B8:B4:7E:5D:E8:38:F8:52:F9:B4:00:0D:FF:48:F4:8D:2D:7F:3C:4E:97:C8:53:A2:B3

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

avoidable.tech *.avoidable.tech *.test.avoidable.tech

Other domains in certificate

aiwiseword.com *.aiwiseword.com *.lb9tds.aiwiseword.com

*.32.babybitcoin.icu babybitcoin.icu *.babybitcoin.icu

cm8megaways.com *.cm8megaways.com

datastrata.co *.datastrata.co

immediate-tronpro.com *.immediate-tronpro.com *.sitemap.immediate-tronpro.com *.sitemaps.immediate-tronpro.com

*.com.ktmcyclehutt.com ktmcyclehutt.com *.ktmcyclehutt.com *.mail1.ktmcyclehutt.com *.shop.ktmcyclehutt.com *.webmail.ktmcyclehutt.com *.ww31.ktmcyclehutt.com

l755zi.cc *.l755zi.cc

objectiveideaszone.sbs *.objectiveideaszone.sbs

rptvtdg0xk.top *.rptvtdg0xk.top

rpty486.org *.rpty486.org

sgdkix.cc *.sgdkix.cc

sggrs8.cyou *.sggrs8.cyou

smartphones-mx-ax.sbs *.smartphones-mx-ax.sbs

smhpx.cc *.smhpx.cc

*.admin.stecu62.org *.api.stecu62.org *.assets.stecu62.org *.demo.stecu62.org *.dev.stecu62.org *.ejuabapi.stecu62.org *.portal.stecu62.org stecu62.org *.stecu62.org *.test.stecu62.org *.uat.stecu62.org *.v1.stecu62.org *.www.stecu62.org

*.0u12d.tgtsecurity.top *.39ir6.tgtsecurity.top *.4kxnn.tgtsecurity.top *.525v4.tgtsecurity.top *.5jsd7.tgtsecurity.top *.6cd9j.tgtsecurity.top *.95lw2.tgtsecurity.top *.96c54.tgtsecurity.top *.aowpq.tgtsecurity.top *.ayfpk.tgtsecurity.top *.b54zj.tgtsecurity.top *.c6udy.tgtsecurity.top *.dn930.tgtsecurity.top *.ebwif.tgtsecurity.top *.enr3p.tgtsecurity.top *.fcvkr.tgtsecurity.top *.fz4qv.tgtsecurity.top *.g22y8.tgtsecurity.top *.g89kw.tgtsecurity.top *.iovou.tgtsecurity.top *.jxc88.tgtsecurity.top *.ks0v9.tgtsecurity.top *.l0r4m.tgtsecurity.top *.l8kqx.tgtsecurity.top *.me7q1.tgtsecurity.top *.miaqv8.tgtsecurity.top *.nslow.tgtsecurity.top *.qdiek.tgtsecurity.top *.rkuvx.tgtsecurity.top *.snx68.tgtsecurity.top tgtsecurity.top *.tgtsecurity.top *.vhakn.tgtsecurity.top *.wakkl.tgtsecurity.top *.wslq2.tgtsecurity.top *.z44ag.tgtsecurity.top *.z4gbs.tgtsecurity.top