Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=pumb.fun
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 15, 2026
Valid Until
May 16, 2026
84 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
A5:D7:4E:44:29:3E:11:A5:73:81:08:EC:86:F9:73:14:DE:99:38:FF:41:4D:14:B4:30:0D:2D:6B:B9:88:B9:E0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
clickalogs.com
*.clickalogs.com
22010.vip
*.22010.vip
6679.my
*.6679.my
*.www.6679.my
777bbb999kkk.com
*.777bbb999kkk.com
873244.club
*.873244.club
9040066.co
*.9040066.co
aurorahome.us
*.aurorahome.us
clebnbs.com
*.clebnbs.com
clinica-fecondazione-assistita-in-italia.sbs
*.clinica-fecondazione-assistita-in-italia.sbs
connect5g.com
*.connect5g.com
domainingtool.com
*.domainingtool.com
domainmemory.com
*.domainmemory.com
droneappetit.com
*.droneappetit.com
dwrekrutiert.com
*.dwrekrutiert.com
elevatelv.com
*.elevatelv.com
geoaesthesia.com
*.geoaesthesia.com
gohybridinbound.com
*.gohybridinbound.com
hibiscusrose.com
*.hibiscusrose.com
investmentservices717345.icu
*.investmentservices717345.icu
*.cdn.jipg.com
*.cooley-yeah.jipg.com
*.fqw.jipg.com
jipg.com
*.jipg.com
*.latinamerica.jipg.com
*.mx10.jipg.com
*.ng.jipg.com
*.pool.jipg.com
*.richardson-film.jipg.com
*.server22.jipg.com
*.soy.jipg.com
jlvvvapp.com
*.jlvvvapp.com
jlvvvgame.com
*.jlvvvgame.com
leftlive.com
*.leftlive.com
*.autodiscover.paiva.cc
*.mail.paiva.cc
paiva.cc
*.paiva.cc
*.anzhuo.pumb.fun
*.crm.pumb.fun
*.fvubgyxh.pumb.fun
*.hkicxfsa.pumb.fun
*.iognkjbq.pumb.fun
*.kirmulfj.pumb.fun
*.lwjtvwmaijutn.pumb.fun
*.psiyjnux.pumb.fun
pumb.fun
*.pumb.fun
*.sfqydjtg.pumb.fun
*.webmail.pumb.fun
*.ww6.pumb.fun
q46xvu.lol
*.q46xvu.lol
sieraai.com
*.sieraai.com
ulrs-co.my
*.ulrs-co.my
v4doekp.cc
*.v4doekp.cc
xn--mes358acl3anqhpnj.xyz
*.xn--mes358acl3anqhpnj.xyz
zepyuh.shop
*.zepyuh.shop
znxitj.shop
*.znxitj.shop
Other domains in certificate