Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=crackedstreams.app
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
May 25, 2026
Valid Until
August 23, 2026
71 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
67:4E:9D:D0:A8:4E:3C:AD:AF:9C:B2:62:C4:9F:A0:07:5C:BD:F3:FE:2C:96:93:E2:04:B5:F8:51:CC:D7:85:AF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
polix.co
*.polix.co
*.en.polix.co
*.www.polix.co
*.backend.crackedstreams.app
crackedstreams.app
*.crackedstreams.app
*.erp.crackedstreams.app
*.pos.crackedstreams.app
*.www.crackedstreams.app
*.admin.ingegnarsi.com
*.analytic.ingegnarsi.com
*.dev.ingegnarsi.com
ingegnarsi.com
*.ingegnarsi.com
*.staging.ingegnarsi.com
*.status.ingegnarsi.com
*.ww20.ingegnarsi.com
*.31.keycdn.org
*.artheadscdnerhik.keycdn.org
*.azs.keycdn.org
*.azsss.keycdn.org
*.azssss.keycdn.org
*.bak.keycdn.org
*.bey.keycdn.org
*.big.keycdn.org
*.bigg.keycdn.org
*.blu.keycdn.org
*.bluu.keycdn.org
*.cdnerhik.keycdn.org
*.comhtazssss.keycdn.org
*.dav11.keycdn.org
*.egif.keycdn.org
*.enii.keycdn.org
*.eniii.keycdn.org
*.ftp.keycdn.org
*.ftppp.keycdn.org
*.gencc.keycdn.org
*.gif.keycdn.org
*.goz.keycdn.org
*.gozimg.keycdn.org
*.ham.keycdn.org
*.hdgce.keycdn.org
*.hdmob.keycdn.org
*.hdp.keycdn.org
*.hrd.keycdn.org
*.hrdd.keycdn.org
*.hstt.keycdn.org
*.ioblu.keycdn.org
*.juhikk.keycdn.org
*.kes.keycdn.org
*.kess.keycdn.org
keycdn.org
*.keycdn.org
*.kru.keycdn.org
*.kru3.keycdn.org
*.kruu.keycdn.org
*.mor.keycdn.org
*.opn.keycdn.org
*.oto.keycdn.org
*.p2.keycdn.org
*.p22.keycdn.org
*.pcnt.keycdn.org
*.pornoheyecan.keycdn.org
*.pp31.keycdn.org
*.pprrr.keycdn.org
*.ratt.keycdn.org
*.s31.keycdn.org
*.s31img.keycdn.org
*.sadm.keycdn.org
*.sexifullcdn.keycdn.org
*.shik.keycdn.org
*.skst.keycdn.org
*.sultra.keycdn.org
*.trk.keycdn.org
*.vhik.keycdn.org
*.zvk.keycdn.org
*.api.oceanfront.it
*.backend.oceanfront.it
*.intelligence.oceanfront.it
oceanfront.it
*.oceanfront.it
*.redash.oceanfront.it
*.reporting.oceanfront.it
*.superset.oceanfront.it
whiteonline.pl
*.whiteonline.pl
*.ww16.whiteonline.pl
*.ww17.whiteonline.pl
*.ww25.whiteonline.pl
Other domains in certificate