Open
Cached
·
3h ago
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=affrevo.co
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 21, 2026
Valid Until
August 19, 2026
74 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4B:4E:F7:D9:03:A3:5B:C4:E2:84:69:76:0B:B1:CF:CD:C4:6B:24:01:E7:EF:DB:F4:74:06:BC:D3:02:4B:EF:74
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
teensonchain.com
*.teensonchain.com
*.app.teensonchain.com
affrevo.co
*.affrevo.co
*.1qbny.klyiq.com
*.36egy.klyiq.com
*.39ize.klyiq.com
*.6e49t.klyiq.com
*.8j17y.klyiq.com
*.9hgcb.klyiq.com
*.client.klyiq.com
*.cn5yi.klyiq.com
*.connectvpn.klyiq.com
*.cqhcz.klyiq.com
*.g3i2i.klyiq.com
*.k5oxp.klyiq.com
klyiq.com
*.klyiq.com
*.kq73c.klyiq.com
*.login.klyiq.com
*.m925k.klyiq.com
*.mobile.klyiq.com
*.office.klyiq.com
*.portal.klyiq.com
*.remoteaccess.klyiq.com
*.ssl.klyiq.com
*.v7m3c.klyiq.com
*.vpn.klyiq.com
*.vpn1.klyiq.com
*.vwjz2.klyiq.com
*.x0rkv.klyiq.com
*.x9xxv.klyiq.com
*.zd6ox.klyiq.com
kunstbarbar.de
*.kunstbarbar.de
*.lghtfm.kunstbarbar.de
*.0883cac9-a858-4723-ac1c-353be6df1599.lfsakura0.vip
*.42ij5k.lfsakura0.vip
*.a9292a84-6d51-45bf-9463-ce390d553a50.lfsakura0.vip
*.api.lfsakura0.vip
*.app.lfsakura0.vip
*.backup.lfsakura0.vip
*.dev.lfsakura0.vip
lfsakura0.vip
*.lfsakura0.vip
*.members.lfsakura0.vip
*.staging.lfsakura0.vip
*.test.lfsakura0.vip
*.vip.lfsakura0.vip
*.2ec45102-aac4-4838-8594-1046a3dd023f.syduc.com
*.64ww5p.syduc.com
*.api.syduc.com
*.app.syduc.com
*.backup.syduc.com
*.cloud.syduc.com
*.dashboard.syduc.com
*.dev.syduc.com
*.gateway.syduc.com
*.gymcyv1.syduc.com
*.hbwvadashboard.syduc.com
*.jd.syduc.com
*.l.syduc.com
*.m.syduc.com
*.mailer.syduc.com
*.marketing.syduc.com
*.oni.syduc.com
*.orsvpuat.syduc.com
*.portal.syduc.com
*.qa.syduc.com
*.qdd.syduc.com
*.rds.syduc.com
*.rdweb.syduc.com
*.remote.syduc.com
*.scdow.syduc.com
*.secure.syduc.com
*.staging.syduc.com
*.stg.syduc.com
syduc.com
*.syduc.com
*.syplgportal.syduc.com
*.td.syduc.com
*.ts.syduc.com
*.uat.syduc.com
*.v1.syduc.com
*.wpw.syduc.com
*.wreao64ww5p.syduc.com
*.www.syduc.com
*.yysh.syduc.com
*.zoslkxcu.syduc.com
Other domains in certificate