Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=acc.embedder.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 25, 2025
Valid Until
February 23, 2026
82 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
65:C4:61:F7:69:49:E7:00:EF:F8:BD:04:9B:CA:3D:91:3E:B8:D0:4C:9D:CD:8B:58:C8:D4:8B:C4:B6:1A:F7:7C
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
welcome.equiem.mobi
chat.3ple.jp
d3mix.a-zero.net
vcj.akamojo.app
www.angela-albani.de
anvilapp.org
stores.refood.app.br
bartreauconstructionllc.com
rider-web.basis-test.bike
innovatur.bigjonan.com.ar
jarvany.bk0.eu
blue-magnolia.co.za
app.blvrd.de
boscoimoveis.com
app.carson.ca
chore-master.com
classie.ai
clearmed.site
www.confera.me
contexthq.ai
staging.copybase.com.br
portal.crump.space
live.csforall.org
www.cuckoos.link
assets.curved.money
datapredict.online
www.dood.lol
www.dorkbotsofia.org
e3system.co
www.eatsleepcode.ninja
ebookkidsdigital.shop
pos.ellieerp.com
acc.embedder.app
exportselect.es
www.flocc.app
www.florencerugifttest.com
gijernet.no
lecture.gla.jp
gongstar.kr
helmyun.art
menu.hotelesdigitales.com
invyts.com
itqan-archi.ma
app.joinsafenet.com
joyeriaalamoda.com
invites.kaadi.app
kalisty.site
www.kasloans.com.au
kazary.com.br
kono-michi.com
new.kyberoppi.fi
www.letsbowlchennai.in
licexam.net
www.ln2monitor.com.br
csob.lukascech.cz
my.manifestfinancial.com
maracanbissau.com
mastudios.site
minati.exchange
app.mindlib.de
www.mytcgcollection.com
nakurz.cz
jumla.nepaldrivinglicense.site
nawalparasi.nepaldrivinglicense.site
www.offsideornot.com
www.onlinetagebuch.de
freecell.pixeption.net
www.potries2031.net
prodigydocs.com
open.proximy.ca
www.pullotexpress.ma
www.rangemint.com
md-apex.rcloudsoft.app
www.repwise.co.uk
auth.rideshareledger.com
rsgdashboard.church
sailwo.com
sakura.pink
www.sandozrestaurants.in
readflow.sarai.quest
admin.sayarti.com
senaerarslan.com
setsquare.app
care-portal.diga-meno-production-eu.cluster.sidekickhealth.com
sdms.simpl-app.com
pau-halloween.sky-boy.com
skyresaviation.com
offer.skyworker.no
www.sociple.com
solusiq.com
spurtrail.com
www.thedigipin.in
uky.ooo
www.urchaag.in
www.valoracore.com
versait.nl
versprite.services
registro.violeta-app.com
voleijam.com
vschedulemk.com
Other domains in certificate