Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=embed.diddo.es
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 06, 2025
Valid Until
March 06, 2026
45 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
08:F2:45:1F:B4:C2:72:F9:B8:31:17:D7:24:BA:A7:5A:40:E3:D1:8E:AF:8F:02:E5:A0:C5:83:61:29:05:46:BC
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.code-sign.eu
2025jobs.com
accessiblewebmedia.com
google.secure.accountlogin.us
m.aihouse.au
www.algorhythm.world
salesmanager.andoresudevs.com
www.attractivesafaris.rw
www.avec.si
www.believefcenter.com
staging.bestdiplomats.org
www.bethadamsartist.com
www.bettercoachs.com
blakemcmullan.com
www.bookaseat.co.za
botiq.co.za
builder.boxup.io
www.callsheet.work
caribocho.com
sander-catering.cateringportal.io
partners.cellectivity.com
admin.amst.co.in
new-portal.sengliy.com.my
www.homebid.com.my
crispoo-uat-orders.crispnow.com
crissknotcottage.com
docs.cupps.me
scorecard.curtisrutland.com
www.dailychinese.app
algebrai.dargahi.no
drc.dharmatech.in
www.diamonddconsulting.com
embed.diddo.es
forum.divshot.com
www.ebot.technology
ecuestre.digital
eyes.science
split.facesapp.pro
www.fibredb.co.za
book.getease.com
portal.dev.gigbuddy.app
public.goodapp.in
www.gorzycki.net
www.grisogono.eu
www.hangperson.com
hintofun.com
hkbus-eta.com
www.homebuyersbiz.com
vsf.idoxs.app
www.igrejaibc.org
imgs-pdf.com
www.iuy.me
jdoxs.com
jupyternotebook.dev
justappin.com
www.laeredi.com
washer.londr.com
sandbox.mabl.com
auth.manabox.app
www.marcodcarini.com
corona.mayamd.ai
medicaldataapp.com
bestellen.mevlana-her.de
mitchandmeera.ca
robocode.mits.ee
www.mobover.com
spondnow.mxdchn.com
neuro-screen.com
nexobuild.com
finance.a.nya3.jp
ouriginal.onlinepartner.se
auth.onsites.biz
app.morse-it-debug.pacolabs.com
education.qflit.com
www.rapimoney.pe
runcovial.com
feyti.rupertcloud.com
sagasys.tech
savankotadiya.com
shortlink.shedpro.co
www.solanaoracle.com
www.spadeandplate.com
stanik.in
dev.sukidana.com
szns.art
www.tangled.me
www.tecnofy.org
links.textaspect.com
burgos1.vv.toysfilms-interactive.com
oneview.tranzmeo.com
m.tucambista.pe
udproductions.ca
eu.operations.lobby.uveye.online
vaina.club
get.vdi6022.app
www.vertientesdemaullin.cl
weddininvite.com
www.whatstherush.ca
wishexplorer.com
www.y-mgt.com
Other domains in certificate