We recently dug into the DigiCert Domain Control Verification compliance issue to try and quantify its real-world impact and determine how many public-facing web entities are using an affected certificate.
As of two days ago over 26,000 certificates are still active on public websites across ~3.5 million physical and virtual hosts -- although almost 99% of those certs have already been revoked. We also analyzed registered domains to identify the most impacted companies and industries. You can read more about our findings in our blog published yesterday: The DigiCert DCV Bug: Implications and Industry Impact.
Organizations have until this Friday at 20:30 UTC to replace these certificates according to DigiCert.
If you're looking to find affected certificates, you can use this Censys Search query: labels=digicert-revoked-dcv and filter on your domains (by appending and services.tls.certificates.leaf_data.names=*.yourdomain.com). Keep in mind that results will continue to roll in over the next 24 hours.