Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=dico.group
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
December 01, 2025
Valid Until
March 01, 2026
64 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
1D:F6:53:A8:F0:94:8F:02:F3:F6:DF:F0:83:CF:5F:01:74:33:62:D2:D6:43:B4:CD:17:AD:8E:6B:F6:18:DA:45
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
respect.bio
*.respect.bio
*.www.respect.bio
*.5.giokefor.online
aishaacademy.online
*.aishaacademy.online
amharic.io
*.amharic.io
*.hostmaster.amharic.io
*.www.amharic.io
andolfgroup.online
*.andolfgroup.online
apl-net.com
*.apl-net.com
*.bantuan-bansos2024.apl-net.com
*.infoloker.apl-net.com
*.lowongan-kerja.apl-net.com
*.ww25.apl-net.com
babysora.vip
*.babysora.vip
*.ino.babysora.vip
*.shop.babysora.vip
*.swap.babysora.vip
*.ww38.babysora.vip
chnews012.site
*.chnews012.site
*.ww25.chnews012.site
deltaoyun.com
*.deltaoyun.com
*.discord.deltaoyun.com
*.ww38.deltaoyun.com
dico.group
*.dico.group
*.cdn.einrichtungsberatung.online
*.cloud.einrichtungsberatung.online
einrichtungsberatung.online
*.einrichtungsberatung.online
*.magento.einrichtungsberatung.online
*.mx.einrichtungsberatung.online
*.pay.einrichtungsberatung.online
*.remote.einrichtungsberatung.online
*.sitemaps.einrichtungsberatung.online
*.store.einrichtungsberatung.online
*.wap.einrichtungsberatung.online
*.web.einrichtungsberatung.online
*.ww25.einrichtungsberatung.online
*.www.einrichtungsberatung.online
firstcommercebankmobile.com
*.firstcommercebankmobile.com
*.ww25.firstcommercebankmobile.com
georgiaoutdoorstewardship.org
*.georgiaoutdoorstewardship.org
giokefor.online
*.giokefor.online
kampus88.pro
*.kampus88.pro
*.www.kampus88.pro
kontrastolesno.pl
*.kontrastolesno.pl
londrespg.bet
*.londrespg.bet
*.ww25.londrespg.bet
millcreekecoresort.com
*.millcreekecoresort.com
*.040c34.openaiboost.com
*.2db02d.openaiboost.com
*.4a474a.openaiboost.com
*.4f33c2.openaiboost.com
*.5d6149.openaiboost.com
*.ddf207.openaiboost.com
openaiboost.com
*.openaiboost.com
*.rw7rd.openaiboost.com
*.cannabotechbr.quanticherbs.com
*.garimpomusical.quanticherbs.com
*.hubundertech.quanticherbs.com
*.loja.quanticherbs.com
*.quantic-regenerar.quanticherbs.com
*.quanticeducation.quanticherbs.com
*.quanticgenetics.quanticherbs.com
quanticherbs.com
*.quanticherbs.com
*.quanticherbs.quanticherbs.com
*.quanticnews.quanticherbs.com
*.syqe-brasil.quanticherbs.com
*.thequantichub.quanticherbs.com
startupfinance.au
*.startupfinance.au
Other domains in certificate