SSL Certificate Analysis for i-env.shop - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=avecinstinct.org

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 23, 2026

Valid Until

August 21, 2026 65 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

2E:4C:C6:16:C0:BC:53:48:23:C2:0D:41:1E:C2:E1:27:F3:AD:C0:5C:E0:F2:48:54:69:E2:AF:24:95:21:85:12

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

i-env.shop *.i-env.shop

Other domains in certificate

avecinstinct.org *.avecinstinct.org

awazonsh.vip *.awazonsh.vip

beatits.shop *.beatits.shop

birrl.com *.birrl.com

blackdiamondiq.com *.blackdiamondiq.com

blx3.sbs *.blx3.sbs

bruntmorcookware.shop *.bruntmorcookware.shop

bs2tsite1.io *.bs2tsite1.io

bumilgar.shop *.bumilgar.shop

caomei1106.top *.caomei1106.top

catalog-classics.shop *.catalog-classics.shop

chronometriefineched.com *.chronometriefineched.com

cinefil-imagica.com *.cinefil-imagica.com

clubaq.com *.clubaq.com

comfty.shop *.comfty.shop

connectspherehub.xyz *.connectspherehub.xyz

cosnoricream.shop *.cosnoricream.shop

cozy-companions.shop *.cozy-companions.shop

cs1mapan168.xyz *.cs1mapan168.xyz

cwpbx.qpon *.cwpbx.qpon

d73roulette.lol *.d73roulette.lol

deebest.shop *.deebest.shop

hazelcreme.shop *.hazelcreme.shop

hotelsheetsdirect.shop *.hotelsheetsdirect.shop

hrkld.qpon *.hrkld.qpon

hurrans.shop *.hurrans.shop

hyperikon.shop *.hyperikon.shop

ienertwist.shop *.ienertwist.shop

jdzyx.qpon *.jdzyx.qpon

jorlumarex.sbs *.jorlumarex.sbs

lecuyer.restaurant *.lecuyer.restaurant

leonbets-casino-e5fov.xyz *.leonbets-casino-e5fov.xyz

lethimcook.vip *.lethimcook.vip

lfphv.qpon *.lfphv.qpon

livertpjet77.cfd *.livertpjet77.cfd

lleri.com *.lleri.com

lmqav.qpon *.lmqav.qpon

logi18wheel.com *.logi18wheel.com

rjepa.qpon *.rjepa.qpon

rtp-bintangkode4d.cfd *.rtp-bintangkode4d.cfd

sdwjf.qpon *.sdwjf.qpon

shsjerttdje.cyou *.shsjerttdje.cyou

sk8wle.cyou *.sk8wle.cyou

snskm.loan *.snskm.loan