Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.diddo.es
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 31, 2025
Valid Until
March 31, 2026
72 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E6:49:5C:FF:EC:DF:53:2A:A4:99:57:D0:44:30:7A:5D:3D:EA:C1:9F:D7:48:92:4E:F1:75:8D:A1:1A:65:12:3D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
join.ourflat-app.com
g.25045885.com
3settembre.it
derby.academytrial.com
aarthiscans.acuizen.com
app.aarthiscans.acuizen.com
agntworks.ai
www.alectoconsulting.com
dartmouth-skiway.get.alpinemedia.com
ski-middlebury.get.alpinemedia.com
automata.gg
www.bettermos.com
codenames.bjoernveit.com
mstudio.carbonesoftware.com
ceslua.com
tiruvannamalai.citydroptaxi.com
colegiosamuelmorse.com
ingresa.asistensi.com.do
www.wewatch.com.hk
joiniosbridge.cosmitude.com
www.damianhaziak.dev
devbread.com
www.dharmagymforall.uk
diakitech.com
www.diddo.es
doverstav.se
arquitetos.ecotelhado.com
emprendeprepa.com
www.enishi-tech.com
eyeassociatesms.com
s.faithaiapp.com
www.ferdousi.de
www.flatmate.co.nz
flickfeed.app
www.flickfeed.app
www.flintknivesbybo.com
docs.fuchsia.dev
gabrielosbeck.com
gb-dyna.com
gekkotech.se
get8oceans.com
glmc.biz
grabadopreciso.com
clip-clap.grupoxalka.com
www.guitarlessonsmiddlesbrough.com
gurkamal.com
habitflourish.com
holdmyspot.dk
homeattlas.com
hugoguilherme.com
inlined.dev
jacobandhannah.us
www.jacobcthomas.com
i.jayukim.com
kkacademyindia.com
orders.klyvo.app
portal.klyvo.app
www.kr3.in
www.larvtech.se
leasparkman.com
lexflare.com
app.linkfacil.me
margotlurie.com
martinvanco.sk
www.mazehillstudio.co.uk
memoryof518.com
links.merkha.com
mifo.com.mx
aud-app.minna-no-ginko.com
dev.multiplai.co
www.my-elg.app
mynext.io
www.navbharat-iti.com
www.nayiwrites.com
www.nextbooktoread.com
ntmdev.com
nyapphatchery.com
order-vision.com
sml.piticommerce.com
gestionale.promozionecultura.it
link.r74n.com
app.schaltschrankbau-wied.de
scorehome.app
www.sendbay.app
app.simple590.ch
southhillbreadbox.com
www.sudam.co.nz
staging.portal.superdispatch.org
www.swlendingcloset.org
admin.tafakari.app
www.tanztan.com
telegraphtower.town
lab.thelion.io
thesudoacademy.com
www.toml.dev
www.trackstars.se
travel-logs.com
turnieranmeldung.at
link.zaruba.app
www.zibunmedia.net
Other domains in certificate