Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=demerstech.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 05, 2025
Valid Until
January 04, 2026
55 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
AE:E4:02:9B:24:09:E3:36:A3:6D:9C:A4:61:47:AE:E3:49:6E:B4:E2:68:85:98:37:2E:51:9E:67:03:F4:68:95
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link.janbari.tv
eu.assets.cloud.acurable.com
gaeste-intranet.additive-apps.eu
aerav.it
alexanderschwartz.de
service.alko-garden.hu
www.almeidapallu.com.br
www.aplicacioneseingenieria.com
www.app-implantcompare.com
mx.marketplace.bee-seller.com
backoffice.bepos.io
www.bestdata.cl
bettercoachs.com
www.bidshak.com
bineo-consulting.com
my.caren.io
sander.cateringportal.io
www.cerrahi.tv
chapeletperpetuel.com
chetak.pro
www.colcambiosaustralia.com
home-choice.com.hk
link.mypay.com.my
www.cubomarketing.com
d24laundry.com
www.daniciti.com
dansa.live
demerstech.com
devabees.com
devchez.com
deviber.com
diporifle.com
discharge-demo.docvita.app
www.ec-int.com.pe
rimcat.echowear.org
auth6.google.eitvcloud.com
go.emplo.ca
www.endofleaseccb.com.au
de.eurovision.app
es.eurovision.app
www.expirytracker.live
coordinator.fitoutawards.ie
gametrack.app
gloryofgodcenter.org
econtent.gmit.mn
gofieldguide.app
staging.innoneers.com
consultant.stg.innovators-career.com
instameta.ai
tudo28.io.vn
irisambiente.it
jadekang.me
jmlindseth.no
www.joanna-chow.com
ordernow.lakesidepho.net
www.letprompt.com
locations.app
machinepop.app
majorscoops.com
www.maxloh.com
petropiar.metax-ims.com
mikehatzi.me
mothership.cx
www.motivaeacao.com.br
moveon-foundation.com
www.mundodeproduto.com.br
miraiz.new-one.co.jp
nexusmed.in
compose.onelenyk.dev
ongalmaviralata.com.br
auth.openblox.io
policy.owlplus.app
palveluun.fi
www.passfree.com.br
spb.ppdjulau.com
admin.privemd.com
dev.pwatungsten.app
selbeg.mn
shariqahmed.org
www.sidelaner.de
www.siref.mx
dev-link.steaker.com
teamtribe.de
backoffice-dev.thaiqrmenu.com
www.thedudu.space
tools.tmn.services
tuminhan.com
waitlist.unusual.inc
unwanteds.app
www.urgnot.io
velqwick.com
viajeserevan.com.ar
linktrn.ffm.vic.gov.au
migration.vida.studio
messages.wallsync.net
www.weike.ca
web-proxy.wekita-welt.de
www.lmm.withorca.com
wonkywidgets.dev
zavgorodiy.ru
Other domains in certificate