Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=bhf.gg
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
May 16, 2026
Valid Until
August 14, 2026
77 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
45:75:84:01:87:DC:DB:1A:F4:EC:AB:1A:0D:9C:5D:EA:03:41:07:00:97:D2:97:F5:B9:03:15:68:DF:CD:F2:7A
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
mixrmatch.com
*.mixrmatch.com
*.api.mixrmatch.com
*.argo.mixrmatch.com
*.dddd.mixrmatch.com
*.insight-alpha.mixrmatch.com
*.insight-staging.mixrmatch.com
*.m.mixrmatch.com
bhf.gg
*.bhf.gg
*.btcpay.bhf.gg
*.sitemap.bhf.gg
*.sitemaps.bhf.gg
*.vpn.bhf.gg
*.ww7.bhf.gg
*.33e82078-55bc-47a4-9af0-963f21bd5a03.iq-option.vip
*.api.iq-option.vip
*.app.iq-option.vip
*.backup.iq-option.vip
*.best-broker.iq-option.vip
*.best-brokernet.iq-option.vip
*.best-brokers.iq-option.vip
*.bestbroker.iq-option.vip
*.binomo-oficial.iq-option.vip
*.bitqt.iq-option.vip
*.broker-th.iq-option.vip
*.cpanel.iq-option.vip
*.cpcalendars.iq-option.vip
*.cpcontacts.iq-option.vip
*.dashboard.iq-option.vip
*.dev.iq-option.vip
*.hl88vietnam.iq-option.vip
*.iq-option-link.iq-option.vip
iq-option.vip
*.iq-option.vip
*.iq-options.iq-option.vip
*.iq-optionx.iq-option.vip
*.iq-robotnet.iq-option.vip
*.iqoption-id.iq-option.vip
*.iqoption-th.iq-option.vip
*.iqoptionx.iq-option.vip
*.iqrobot.iq-option.vip
*.list-broker.iq-option.vip
*.m.iq-option.vip
*.mail.iq-option.vip
*.marketing.iq-option.vip
*.mdveubestbroker.iq-option.vip
*.msrbpapp.iq-option.vip
*.olymptrade.iq-option.vip
*.olymptradebest.iq-option.vip
*.oyvccmdveubestbroker.iq-option.vip
*.qa.iq-option.vip
*.saopjdslrqoyvccmdveubestbroker.iq-option.vip
*.staging.iq-option.vip
*.tradingbrokers.iq-option.vip
*.uat.iq-option.vip
*.vip.iq-option.vip
*.webdisk.iq-option.vip
*.webmail.iq-option.vip
*.www.iq-option.vip
*.admin.khaleejnews.net
*.app.khaleejnews.net
*.assets.khaleejnews.net
*.backup.khaleejnews.net
khaleejnews.net
*.khaleejnews.net
*.mailer.khaleejnews.net
*.qa.khaleejnews.net
*.sitemap.khaleejnews.net
*.web.khaleejnews.net
*.wvsudciq.khaleejnews.net
*.www.khaleejnews.net
*.085tw.llp8.cab
*.32608.llp8.cab
*.33595.llp8.cab
*.49798.llp8.cab
*.53931.llp8.cab
*.61253.llp8.cab
*.69556.llp8.cab
*.80419.llp8.cab
*.94478.llp8.cab
*.95254.llp8.cab
*.97050.llp8.cab
*.bopgr.llp8.cab
*.euukt.llp8.cab
*.gifdb.llp8.cab
llp8.cab
*.llp8.cab
*.pub3d.llp8.cab
*.r8qlj.llp8.cab
Other domains in certificate