Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=backstage.ltd
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
February 05, 2026
Valid Until
May 06, 2026
70 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
2E:C7:80:0A:8C:6C:4D:10:BC:EB:E2:36:8F:99:D0:80:DD:C7:8F:79:EA:AA:8F:19:BC:57:D0:CD:4C:FB:81:04
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
wanaku.com
*.wanaku.com
22wns.com
*.22wns.com
aii.services
*.aii.services
*.random.aii.services
backstage.ltd
*.backstage.ltd
belmartechnologies.co
*.belmartechnologies.co
capitolortho.com
*.capitolortho.com
*.test.capitolortho.com
*.ww25.capitolortho.com
*.api.dinita.com
dinita.com
*.dinita.com
*.fr.dinita.com
*.mail.dinita.com
*.vpn.dinita.com
*.android.fanaticos.net
fanaticos.net
*.fanaticos.net
*.mail.fanaticos.net
*.vpn.fanaticos.net
*.club.frigorista.com
frigorista.com
*.frigorista.com
goberno.com
*.goberno.com
*.ww1.goberno.com
*.cloud.hengliang.com
*.cpanel.hengliang.com
hengliang.com
*.hengliang.com
*.old.hengliang.com
*.search.hengliang.com
*.svn.hengliang.com
*.wp.hengliang.com
industrialmachine317020.icu
*.industrialmachine317020.icu
*.cloud.kafnet.com
*.drvpn.kafnet.com
kafnet.com
*.kafnet.com
*.office.kafnet.com
*.sslvpn.kafnet.com
ksgqhlc.cyou
*.ksgqhlc.cyou
snuzzles.com
*.snuzzles.com
streetartmuseum.com
*.streetartmuseum.com
t-r-p-t--a-v-m-24.shop
*.t-r-p-t--a-v-m-24.shop
td60415.cc
*.td60415.cc
*.gitlab.technogamerz.com
technogamerz.com
*.technogamerz.com
*.ws.technogamerz.com
*.youtube.technogamerz.com
tigrefm.com
*.tigrefm.com
topmycommentsfirst.com
*.topmycommentsfirst.com
travelwanderworld.xyz
*.travelwanderworld.xyz
wankhede.com
*.wankhede.com
weddingsgraceabound.beauty
*.weddingsgraceabound.beauty
weddingspasttimes.beauty
*.weddingspasttimes.beauty
whisperinggardenhaven.live
*.whisperinggardenhaven.live
womensfashionista.site
*.womensfashionista.site
wwwdz90.cc
*.wwwdz90.cc
xmassachusetts.com
*.xmassachusetts.com
xn--86qa.cc
*.xn--86qa.cc
zaqpl.net
*.zaqpl.net
zj9boqb.cyou
*.zj9boqb.cyou
Other domains in certificate