Open
Cached
·
just now
76/100
SECURITY SCORE
Certificate Information
Subject
CN=hiu4dstar.click
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 04, 2026
Valid Until
May 05, 2026
84 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
13:A1:27:9C:7C:07:D4:D3:71:0D:0B:B8:D9:44:A9:B1:C5:B8:0F:AD:FD:97:FD:2B:61:3B:26:05:D4:22:3F:61
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
bohioai.io
*.bohioai.io
*.autodiscover.bohioai.io
adultdriversed.com
*.adultdriversed.com
*.wiki.adultdriversed.com
avxxj1.com
*.avxxj1.com
*.backend.avxxj1.com
*.ww25.avxxj1.com
bactel.com
*.bactel.com
*.help.bactel.com
*.imapmail.bactel.com
*.portal.bactel.com
*.remote2.bactel.com
*.sslvpn2.bactel.com
*.sslvpn3.bactel.com
*.ww11.bactel.com
*.ww16.bactel.com
bilardi.com
*.bilardi.com
*.postmaster.bilardi.com
*.ww17.bilardi.com
coloradorestaurantresponse.org
*.coloradorestaurantresponse.org
*.www.coloradorestaurantresponse.org
*.3rpuu1.douyinjiasu.xyz
*.4y2ai0.douyinjiasu.xyz
*.8jppdn.douyinjiasu.xyz
*.9xx1n8.douyinjiasu.xyz
*.cgfsep.douyinjiasu.xyz
douyinjiasu.xyz
*.douyinjiasu.xyz
*.g1wa52.douyinjiasu.xyz
*.j9lpw7.douyinjiasu.xyz
*.okvruf.douyinjiasu.xyz
*.tukbfm.douyinjiasu.xyz
*.w48xqj.douyinjiasu.xyz
*.xmlgnp.douyinjiasu.xyz
*.y7l9q6.douyinjiasu.xyz
*.zjehxg.douyinjiasu.xyz
findloan.com.au
*.findloan.com.au
*.api.foodpluggs.shop
*.app.foodpluggs.shop
*.bigboss.foodpluggs.shop
*.boss.foodpluggs.shop
foodpluggs.shop
*.foodpluggs.shop
*.intranet.foodpluggs.shop
*.sitemap.foodpluggs.shop
*.sitemaps.foodpluggs.shop
*.store.foodpluggs.shop
*.demo.hiu4dstar.click
hiu4dstar.click
*.hiu4dstar.click
launches.au
*.launches.au
*.random.launches.au
*.cynghj.linearhe.shop
linearhe.shop
*.linearhe.shop
magcloud.co
*.magcloud.co
*.mx.magcloud.co
*.ww25.magcloud.co
*.www.magcloud.co
mitosplay88.cc
*.mitosplay88.cc
rentfences.com
*.rentfences.com
*.opca.sportsngine.com
sportsngine.com
*.sportsngine.com
tafescourseonline.au
*.tafescourseonline.au
vikingappliances.com
*.vikingappliances.com
*.ww16.vikingappliances.com
*.ww25.vikingappliances.com
*.ww38.vikingappliances.com
workdude.com
*.workdude.com
*.ww1.workdude.com
*.nr.zeitgeistmovement.sk
*.random.zeitgeistmovement.sk
zeitgeistmovement.sk
*.zeitgeistmovement.sk
Other domains in certificate