Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=04257.locker
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
April 12, 2026
Valid Until
July 11, 2026
60 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
75:41:0A:25:59:6F:C2:06:E6:A0:70:42:14:04:5A:38:7E:AA:4F:93:AB:B7:E7:35:8A:D3:BD:A3:EB:3A:B5:1E
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
dgmfe.nexus
*.dgmfe.nexus
04257.locker
*.04257.locker
66412.one
*.66412.one
6ss8.cc
*.6ss8.cc
77498.one
*.77498.one
80sblog.com
*.80sblog.com
accessgrowthservicesleaders.co
*.accessgrowthservicesleaders.co
algerprix.info
*.algerprix.info
amethystspamassage.com
*.amethystspamassage.com
astellaschina.com
*.astellaschina.com
bebebig.me
*.bebebig.me
cactusproductiongames.com
*.cactusproductiongames.com
calmpointline.sbs
*.calmpointline.sbs
carroaudioandtint.com
*.carroaudioandtint.com
chanceua.com
*.chanceua.com
company-in-china.com
*.company-in-china.com
computer-networking-sleuth-437.sbs
*.computer-networking-sleuth-437.sbs
cricketflicker.com
*.cricketflicker.com
dbzhn.one
*.dbzhn.one
dhtlu.gdn
*.dhtlu.gdn
ebtrqu.plus
*.ebtrqu.plus
education-degree-6616.click
*.education-degree-6616.click
fmhqf.nexus
*.fmhqf.nexus
gagaqi.plus
*.gagaqi.plus
georgiaendocrine.com
*.georgiaendocrine.com
grandviewroofingllc.com
*.grandviewroofingllc.com
hearthandsouloven.com
*.hearthandsouloven.com
hfjbz.nexus
*.hfjbz.nexus
homeinspectionskaty.com
*.homeinspectionskaty.com
hxzkdm.town
*.hxzkdm.town
insideinstallations.org
*.insideinstallations.org
jp24.com.cn
*.jp24.com.cn
kj183.com
*.kj183.com
ky23dl237.com
*.ky23dl237.com
lunovextrader4-1titan.cyou
*.lunovextrader4-1titan.cyou
lux77thai.com
*.lux77thai.com
managementmcp.com
*.managementmcp.com
mcpmod.com
*.mcpmod.com
medicareitaliano.com
*.medicareitaliano.com
medtechwings.com
*.medtechwings.com
mhdjz.nexus
*.mhdjz.nexus
mhmpj.nexus
*.mhmpj.nexus
mmav23.com
*.mmav23.com
moremmr.com
*.moremmr.com
morningoutlet.com
*.morningoutlet.com
Other domains in certificate