Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=www.backtalk.info
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
46 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
62:7F:4F:15:77:E4:4B:80:CA:B4:EE:5F:92:5A:ED:40:49:AD:13:BC:BA:92:DA:C5:F7:5A:38:9C:0B:60:BF:0D
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
roygevers.nl
aakizukii.com
www.aionrx.com
www.airportspeedpark.com
fb.ajesta.work
feature.alpharoot.com
alxgarden.com
test.aquafacts.com
staging-family.arabeelearning.com
www.auto-verkopen-belgie.com
auth.backstabbr.com
www.backtalk.info
web.billtopia.app
bitcoinfork.gifts
dev.bluuu.co
boltum.mx
cms.byvinci.io
partner.camperinfinity.app
www.casadata-bouwlegescalc.nl
cdocherty.com
chrisfischer.me
aichemist.co.kr
interactivedeveloper.co.kr
testrcpt.ktc.co.th
cocart.in
www.cohesivesystems.co.uk
share.cpbible.com
www.dairus.com
danielle.ai
desenfila.com
www.dlg.app
dprjuniversal.com
ecofriendlyeve.com
teacher.edlege.com
schule.fam-graf.ch
cms.fhsis.org
www.flutternl.nl
foryoursweetheart.sg
gaussbit.com
app.getpowerplay.in
gnjordan.org
yamaha-cvm.gospurr.com
www.holatalks.com
fbib.inflatagram.com
dev-client.iqid.com
ivangreve.com
jasonharthun.com
scalingengineeringteams.jenniferwadella.com
jesuslopez19.com
joanna-chow.com
www.kauon.com
kdsi.si
lapastelidog.com
laurenzr.com
app.leansystems.io
admin.liefershop.at
www.log-consult.net
www.sad.lviv.ua
milly-la-foret.com
stage.moduslogic.co.uk
morsemangini.com
assets.multiverse.ai
www.mwengs.com
link.mykibbi.com
bp.nesports.top
norths.app
www.oarfragrance.com
serviceavtal.omnicar.io
link.oyucon.com
sam3.p-e.kr
testsspos.prioticket.com
www.pslove.com
publizm.no
pulscreen.com
www.raspberryspider.com
recordx.org
riyadhpaintting.com
narb-assets-register.rosoftsavvy.app
www.rsodigital.com
www.slider.group
vijay.snapmentor.no
www.sourceandstardust.agency
www.sriammanenergy.com
laboratory.stable.codes
app.superparty.com
dev.superparty.com
sn2room.swift-it.se
t-next.de
thewordforum.org
mijn-ontwikkel.tm.toegang.org
sc.ulsq7.com
vaskerum.dk
www.vksraja.in
wardworx.app
link.whatitsay.app
www.wirtshaus-freiburg.de
adminportal.woodieswash.com
www.yong.ee
youchoose.cc
pwa001.youre.space
Other domains in certificate