Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=198695.app
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 24, 2026
Valid Until
July 23, 2026
76 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
63:26:15:B7:22:6C:02:EB:BE:A1:A1:47:13:57:CC:4B:7F:92:9A:4A:D0:42:6F:07:24:79:50:BD:A6:63:7A:20
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
xdapiym5297.com
*.xdapiym5297.com
*.cfapi.xdapiym5297.com
*.cfcdn.xdapiym5297.com
*.cfstatic.xdapiym5297.com
*.dapiab.xdapiym5297.com
*.matchgress-api.xdapiym5297.com
*.matchgress.xdapiym5297.com
*.newsapi.xdapiym5297.com
*.sbscfstatic.xdapiym5297.com
*.sportsvideoapi.xdapiym5297.com
198695.app
*.198695.app
*.app.198695.app
agriculturewire.com
*.agriculturewire.com
*.ham.agriculturewire.com
*.jtnyq.agriculturewire.com
*.wtjam.agriculturewire.com
*.www.agriculturewire.com
*.a.cf.com.au
*.admin2.cf.com.au
*.ads.cf.com.au
*.blogs.cf.com.au
*.border.cf.com.au
*.cf-2.cf.com.au
cf.com.au
*.cf.com.au
*.cms.cf.com.au
*.cwww.cf.com.au
*.dev.cf.com.au
*.dialoggroup.cf.com.au
*.e.cf.com.au
*.elanceodesk.cf.com.au
*.ep.cf.com.au
*.format.cf.com.au
*.imogen.cf.com.au
*.learn.cf.com.au
*.lexus.cf.com.au
*.mx.cf.com.au
*.my.cf.com.au
*.newsletter.cf.com.au
*.painel.cf.com.au
*.press.cf.com.au
*.privatefly.cf.com.au
*.prod.cf.com.au
*.secure.cf.com.au
*.sorrento.cf.com.au
*.sport.cf.com.au
*.tatura-farm-old-test.cf.com.au
*.test1.cf.com.au
*.testweb.cf.com.au
*.up-work.cf.com.au
*.vbt.cf.com.au
*.ww38.cf.com.au
*.www-test.cf.com.au
*.www.cf.com.au
*.wwwm.cf.com.au
*.hostmaster.jngs.org
jngs.org
*.jngs.org
*.random.jngs.org
*.cc.pgpgg.channel
pgpgg.channel
*.pgpgg.channel
*.vip.pgpgg.channel
*.admin.streets.net
*.analyze.streets.net
*.bbs.streets.net
*.bi.streets.net
*.coloryour.streets.net
*.dashboard.streets.net
*.desktop.streets.net
*.john.streets.net
*.labvirtual.streets.net
*.mail.streets.net
*.mapa.streets.net
*.notexistsapi.streets.net
*.office.streets.net
*.ra-vpn.streets.net
*.ra.streets.net
*.rdp.streets.net
*.rds.streets.net
*.remote.streets.net
streets.net
*.streets.net
*.visual.streets.net
*.webvpn.streets.net
*.x.streets.net
*.xccfgnotexistsdemo.streets.net
Other domains in certificate