SSL Certificate Analysis for backup.aplocksmith.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=bucetaflix.com.br

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 13, 2026

Valid Until

May 14, 2026 87 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

09:83:AA:33:7F:4B:00:C4:F6:6A:60:F8:82:AD:DF:96:A0:CA:32:51:21:CA:8E:1C:6A:D7:30:F8:8F:14:A5:8B

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

aplocksmith.com *.aplocksmith.com *.api.aplocksmith.com *.backup.aplocksmith.com *.beta.aplocksmith.com *.blog.aplocksmith.com *.crm.aplocksmith.com *.dev.aplocksmith.com *.help.aplocksmith.com *.mail.aplocksmith.com *.sitemap.aplocksmith.com *.sitemaps.aplocksmith.com *.test.aplocksmith.com *.ww1.aplocksmith.com

Other domains in certificate

9hawai99.shop *.9hawai99.shop *.ad.9hawai99.shop *.doh1.9hawai99.shop *.hostmaster.9hawai99.shop

bucetaflix.com.br *.bucetaflix.com.br *.ww25.bucetaflix.com.br

deskequip.us *.deskequip.us *.www.deskequip.us

gqwmw15.top *.gqwmw15.top *.xn--1y-e57d.gqwmw15.top *.xn--6j-x19c.gqwmw15.top *.xn--6r-rp9c.gqwmw15.top *.xn--7u-3j8d.gqwmw15.top

hemservice.com *.hemservice.com *.m.hemservice.com *.mail.hemservice.com *.sitemaps.hemservice.com *.smtp.hemservice.com *.sslvpn.hemservice.com *.store.hemservice.com *.ww16.hemservice.com *.ww25.hemservice.com

*.976.hnyouchen.com hnyouchen.com *.hnyouchen.com

*.api.indianpornvideoa.com *.backend.indianpornvideoa.com *.hostmaster.indianpornvideoa.com indianpornvideoa.com *.indianpornvideoa.com *.webmail.indianpornvideoa.com

*.hostmaster.kailes.com kailes.com *.kailes.com *.m.kailes.com *.www.kailes.com

*.hostmaster.kulinarstvo.com kulinarstvo.com *.kulinarstvo.com *.m.kulinarstvo.com *.www.kulinarstvo.com

*.adpkcprod.moaiventures.com *.assets.moaiventures.com *.backup.moaiventures.com *.hostmaster.moaiventures.com *.m.moaiventures.com *.mail.moaiventures.com *.marketing.moaiventures.com moaiventures.com *.moaiventures.com *.prod.moaiventures.com *.secure.moaiventures.com *.shop.moaiventures.com *.staging.moaiventures.com *.test.moaiventures.com *.uat.moaiventures.com *.v1.moaiventures.com *.v2.moaiventures.com *.vpn.moaiventures.com *.web.moaiventures.com *.xxcafstaging.moaiventures.com

*.2012.xn--gmq19tjza043f.com *.av.xn--gmq19tjza043f.com *.ebmail.xn--gmq19tjza043f.com *.sitemaps.xn--gmq19tjza043f.com *.sl-m-ssl.xn--gmq19tjza043f.com *.webmail.xn--gmq19tjza043f.com xn--gmq19tjza043f.com *.xn--gmq19tjza043f.com *.xn--qf1a.xn--gmq19tjza043f.com