SSL Certificate Analysis for 56542.locker - Security Grade & TLS Configuration

Certificate Information

Subject

CN=0004.bid

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 01, 2026

Valid Until

May 02, 2026 81 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

3D:4E:F4:B3:C3:A0:CA:A2:EE:9A:9C:65:5E:2E:96:A0:E1:B5:60:50:DF:CE:58:A7:90:33:BE:91:90:FD:BA:0B

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

56542.locker *.56542.locker

Other domains in certificate

0004.bid *.0004.bid

04759.pizza *.04759.pizza

1377bet.pro *.1377bet.pro

14663.bid *.14663.bid

1675131.org *.1675131.org

173958.pictures *.173958.pictures

25783.locker *.25783.locker

305d9.vip *.305d9.vip

39001.locker *.39001.locker

49264.locker *.49264.locker

50461.net *.50461.net

5376565.cc *.5376565.cc

55512.locker *.55512.locker

55533.locker *.55533.locker

55561.locker *.55561.locker

6088m.cc *.6088m.cc

75205.net *.75205.net

83223679.top *.83223679.top

93167007.top *.93167007.top

95483.pizza *.95483.pizza

96125.top *.96125.top

aca777.love *.aca777.love

agt2agt.org *.agt2agt.org

bed-bug-331575586.click *.bed-bug-331575586.click

ben3.one *.ben3.one

blssh.pro *.blssh.pro

bodwy.com *.bodwy.com

cjhna.pro *.cjhna.pro

eiweb7m.top *.eiweb7m.top

fggjn.loan *.fggjn.loan

fhh00.top *.fhh00.top

fhnxzog.top *.fhnxzog.top

fiatiq.com *.fiatiq.com

fqauw.pro *.fqauw.pro

fqnxs.net *.fqnxs.net

gc283.top *.gc283.top

gemcue.app *.gemcue.app

hg6k9bp6.top *.hg6k9bp6.top

hiqau.pro *.hiqau.pro

imoveis-curitiba-02.cfd *.imoveis-curitiba-02.cfd

inwestycje.net *.inwestycje.net

isgny.net *.isgny.net

jqqqc.pro *.jqqqc.pro

jzmnm.bid *.jzmnm.bid