Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=derash.app
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 20, 2026
Valid Until
August 18, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AE:22:FB:85:F9:2D:C1:20:75:B3:1C:19:38:9F:BF:1A:27:D4:90:E6:02:C4:E1:D1:06:E7:CE:0C:9E:6E:26:6E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
derash.app
*.derash.app
*.admin.derash.app
*.apipart.derash.app
*.biz.derash.app
*.fund.derash.app
*.01.erotots.co
*.04aef97c-a626-445c-b488-b91c333e9ed2.erotots.co
*.1467b734-08a2-4d59-a5f5-09fdbc85f154.erotots.co
*.3340c832-237b-4165-a2ae-26dae652fc07.erotots.co
*.dbqjxww4.erotots.co
*.emv1.erotots.co
erotots.co
*.erotots.co
*.fr.erotots.co
*.notexistsww1.erotots.co
*.sitemaps.erotots.co
*.ww01.erotots.co
*.ww1.erotots.co
*.ww2.erotots.co
*.ww25.erotots.co
*.ww4.erotots.co
*.www.erotots.co
esrarbilgi.info
*.esrarbilgi.info
*.www.esrarbilgi.info
*.app.f100700w3e7dhidkcisydie2ng1sp.top
f100700w3e7dhidkcisydie2ng1sp.top
*.f100700w3e7dhidkcisydie2ng1sp.top
*.sitemap.f100700w3e7dhidkcisydie2ng1sp.top
*.sitemaps.f100700w3e7dhidkcisydie2ng1sp.top
*.09rsf.homecareedge.com
*.1219.homecareedge.com
*.2524274.homecareedge.com
*.2677.homecareedge.com
*.3786.homecareedge.com
*.533f62be-69ca-4c41-bfe1-da52eb14727b.homecareedge.com
*.6h4erbnh.homecareedge.com
*.7.homecareedge.com
*.81473.homecareedge.com
*.9669961.homecareedge.com
*.admin.homecareedge.com
*.api.homecareedge.com
*.app.homecareedge.com
*.assets.homecareedge.com
*.backup.homecareedge.com
*.bdaek2392649.homecareedge.com
*.canada.homecareedge.com
*.chart.homecareedge.com
*.dashboard.homecareedge.com
*.demo.homecareedge.com
*.dev.homecareedge.com
*.dgdu22gj.homecareedge.com
*.dgpli9669961.homecareedge.com
*.dhmhbmailer.homecareedge.com
*.e5gzwc0m.homecareedge.com
*.gcwzd4545.homecareedge.com
*.hengyang.homecareedge.com
homecareedge.com
*.homecareedge.com
*.hongkong.homecareedge.com
*.hpeg37ku.homecareedge.com
*.loudi.homecareedge.com
*.lqbgb2328894.homecareedge.com
*.mail.homecareedge.com
*.mailer.homecareedge.com
*.marketing.homecareedge.com
*.mhqstbch.homecareedge.com
*.payment.homecareedge.com
*.pylwbjxi.homecareedge.com
*.qa.homecareedge.com
*.qhzkbvtn.homecareedge.com
*.qlxsmloudi.homecareedge.com
*.rn7bdq.homecareedge.com
*.secure.homecareedge.com
*.ssl.homecareedge.com
*.staging.homecareedge.com
*.stg.homecareedge.com
*.sunhylid.homecareedge.com
*.test.homecareedge.com
*.uat.homecareedge.com
*.v1.homecareedge.com
*.v2.homecareedge.com
*.vgkyp8xk.homecareedge.com
*.vpn.homecareedge.com
*.web.homecareedge.com
*.www.homecareedge.com
*.xingzuo.homecareedge.com
*.zhangping.homecareedge.com
*.zhoukou.homecareedge.com
Other domains in certificate