Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=vestacp.co
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 11, 2026
Valid Until
August 09, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
77:54:C7:92:16:56:B2:91:F5:91:CF:77:54:E1:FD:45:21:C9:36:E1:A8:8B:F3:D7:06:01:63:9A:19:72:FB:A9
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
ycokr.com
*.ycokr.com
*.2pyclb.ycokr.com
*.access.ycokr.com
*.apps.ycokr.com
*.mail.ycokr.com
*.rdp.ycokr.com
*.rds.ycokr.com
*.test.ycokr.com
*.ts.ycokr.com
arabsoft.me
*.arabsoft.me
bandenere.it
*.bandenere.it
*.dashboard.bandenere.it
*.dev.bandenere.it
*.mailhost.bandenere.it
*.owa.bandenere.it
*.supersets.bandenere.it
cloud-data-services-tz-6731.sbs
*.cloud-data-services-tz-6731.sbs
colonialexperiences.click
*.colonialexperiences.click
cqhushi.cn
*.cqhushi.cn
criminalistician.info
*.criminalistician.info
cruisenta.sbs
*.cruisenta.sbs
cryptobettingindex.com
*.cryptobettingindex.com
cybertruck777.com
*.cybertruck777.com
d466quiz0505s.sbs
*.d466quiz0505s.sbs
daepohang.co.kr
*.daepohang.co.kr
dealrocket.info
*.dealrocket.info
delirifacient.com
*.delirifacient.com
denticere.com
*.denticere.com
*.9tm3e0.depo55terus.com
depo55terus.com
*.depo55terus.com
digitalpixel.com.au
*.digitalpixel.com.au
*.login.digitalpixel.com.au
*.www.digitalpixel.com.au
duct-installers-companies-xl.click
*.duct-installers-companies-xl.click
fomoaccelerate.com
*.fomoaccelerate.com
fomoamplify.com
*.fomoamplify.com
*.hostmaster.ilpontesullostretto.it
ilpontesullostretto.it
*.ilpontesullostretto.it
*.www.ilpontesullostretto.it
*.app.infitness.it
*.hostmaster.infitness.it
infitness.it
*.infitness.it
joyus.life
*.joyus.life
*.connect.juji.tv
juji.tv
*.juji.tv
*.m.juji.tv
*.wap.juji.tv
*.ww25.juji.tv
*.www.juji.tv
muzic.life
*.muzic.life
*.dash.phill.it
*.ftp.phill.it
phill.it
*.phill.it
*.pop.phill.it
*.staging.phill.it
*.www.phill.it
*.ftp.snc9sx.xyz
snc9sx.xyz
*.snc9sx.xyz
*.ww25.snc9sx.xyz
*.ww38.snc9sx.xyz
vestacp.co
*.vestacp.co
*.www.vestacp.co
Other domains in certificate