DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=klf1.live
Issuer
C=US, O=Let's Encrypt, CN=YR2
Valid From
June 04, 2026
Valid Until
September 02, 2026 78 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
41:5D:B7:8E:BF:00:21:66:E3:A0:E1:BB:7B:91:ED:BB:54:70:86:82:6A:D2:0F:1E:2D:B1:58:7A:61:92:02:6E
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
akris.info *.akris.info *.h3hbm4.akris.info *.m.akris.info

Other domains in certificate

a-leagueauctions.com *.a-leagueauctions.com
*.cloud.etereel.com etereel.com *.etereel.com *.rd.etereel.com *.rds.etereel.com *.rdweb.etereel.com
*.admin.fenixtm.net *.app.fenixtm.net fenixtm.net *.fenixtm.net *.mail.fenixtm.net
*.chart.gowatchseries.io gowatchseries.io *.gowatchseries.io *.production.gowatchseries.io *.regional.gowatchseries.io *.ww12.gowatchseries.io *.ww4.gowatchseries.io *.ww7.gowatchseries.io *.www.gowatchseries.io
*.172.jinmancomic.xyz *.comww25.jinmancomic.xyz *.d.jinmancomic.xyz *.download.jinmancomic.xyz *.get.jinmancomic.xyz jinmancomic.xyz *.jinmancomic.xyz *.ww17.jinmancomic.xyz *.ww38.jinmancomic.xyz
kkemeufz.sbs *.kkemeufz.sbs
*.byv.klf1.live *.cfk.klf1.live *.csp.klf1.live *.dci.klf1.live *.exr.klf1.live *.kfb.klf1.live klf1.live *.klf1.live *.odo.klf1.live *.poa.klf1.live *.ssw.klf1.live *.tjq.klf1.live *.uix.klf1.live *.unu.klf1.live *.wpe.klf1.live
*.grc2go.manxiantang.com manxiantang.com *.manxiantang.com
*.doc.mynetisp.net *.mail.mynetisp.net mynetisp.net *.mynetisp.net *.net.mynetisp.net *.noc.mynetisp.net
*.live1.saoketv28.xyz saoketv28.xyz *.saoketv28.xyz
*.abc.theshodo.com *.cpcontacts.theshodo.com *.demo.theshodo.com *.dev.theshodo.com *.r2.theshodo.com *.secure.theshodo.com *.test.theshodo.com theshodo.com *.theshodo.com *.uk.theshodo.com *.ww25.theshodo.com
*.app.trageplusnow.com trageplusnow.com *.trageplusnow.com
*.avzaixia.www5789pi.com *.com.www5789pi.com *.czb.www5789pi.com *.m.www5789pi.com *.www.www5789pi.com www5789pi.com *.www5789pi.com
*.hostmaster.xolo.studio *.www.xolo.studio xolo.studio *.xolo.studio