DNS Gurus
Cached · just now
76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Let's Encrypt logo Let's Encrypt

Certificate Information

Subject
CN=bhq.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 14, 2026
Valid Until
July 13, 2026 52 days
Public Key
RSA 4096 bit Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
25:49:DF:25:22:05:77:FA:9F:CB:8F:6F:0D:4F:0E:22:FE:55:86:BA:52:F7:EC:3B:59:3E:59:AA:AD:3B:86:1F
Alternative Names
89 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains
youroffice.it *.youroffice.it *.admin.youroffice.it *.analytics.youroffice.it *.app.youroffice.it *.dev.youroffice.it *.remote.youroffice.it *.report.youroffice.it *.reports.youroffice.it *.superset.youroffice.it

Other domains in certificate

249signalsquadron.co.uk *.249signalsquadron.co.uk
*.admin.bhq.it *.analytics.bhq.it *.backend.bhq.it bhq.it *.bhq.it *.bi.bhq.it *.board.bhq.it *.chart.bhq.it *.dashboard.bhq.it *.demo.bhq.it *.intelligence.bhq.it *.notexistsapp.bhq.it *.notexistsdev.bhq.it *.remote.bhq.it *.report.bhq.it *.reports.bhq.it *.stats.bhq.it
centerpointeenergy.com *.centerpointeenergy.com *.comwww.centerpointeenergy.com *.myaccount.centerpointeenergy.com *.payments.centerpointeenergy.com *.ww25.centerpointeenergy.com
factory-roof-repair-10.sbs *.factory-roof-repair-10.sbs
grababyte.us *.grababyte.us
gslwu.casino *.gslwu.casino
gutenberg-theme.xyz *.gutenberg-theme.xyz
insightbahaibookshop.com *.insightbahaibookshop.com
*.email.kidshive.com kidshive.com *.kidshive.com
lapetiteourseusa.com *.lapetiteourseusa.com
littlelunaevents.com *.littlelunaevents.com
lofoten.tours *.lofoten.tours
messitv.org *.messitv.org
mobplus.fun *.mobplus.fun
northeastlincolnshire.uk *.northeastlincolnshire.uk
*.aapl-members.onlinealert.help *.m.onlinealert.help onlinealert.help *.onlinealert.help *.sitemaps.onlinealert.help
parsands.co.uk *.parsands.co.uk
pg137.bet *.pg137.bet
*.analyze.pinodasti.com *.development.pinodasti.com pinodasti.com *.pinodasti.com *.staging.pinodasti.com *.workflow.pinodasti.com
pmpanels.co.uk *.pmpanels.co.uk
portadownboilerservices.co.uk *.portadownboilerservices.co.uk
posture.co.uk *.posture.co.uk
selectfactoring.co.uk *.selectfactoring.co.uk
singlesourcerecruitment.co.uk *.singlesourcerecruitment.co.uk
together.watch *.together.watch
velvetleaf.nl *.velvetleaf.nl