Open
Cached
·
just now
79/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=lump.it
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
February 04, 2026
Valid Until
May 05, 2026
75 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
22:51:B4:2A:68:38:22:72:CC:73:E7:E8:C7:58:5E:C5:67:95:6A:7D:56:41:D6:F0:90:74:04:2C:DF:64:29:97
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
89 domains
door.systems
*.door.systems
mister.co.in
*.mister.co.in
directoryupdate.net
*.directoryupdate.net
diurituravitype.com
*.diurituravitype.com
divorcee.it
*.divorcee.it
diyprojectssuccess.xyz
*.diyprojectssuccess.xyz
dmschool.in
*.dmschool.in
*.sitemaps.dmschool.in
drawingroom.it
*.drawingroom.it
dtq5pzk.cyou
*.dtq5pzk.cyou
durzob.com
*.durzob.com
dvlkkwd.cyou
*.dvlkkwd.cyou
e-ekaroniiosdalketz.cyou
*.e-ekaroniiosdalketz.cyou
ecz34o7.cyou
*.ecz34o7.cyou
eedniosdalgrid.cyou
*.eedniosdalgrid.cyou
egezzone.com
*.egezzone.com
eliittikumppani.com
*.eliittikumppani.com
englishbulldogs.it
*.englishbulldogs.it
epwo42z.shop
*.epwo42z.shop
escapadetravelview.xyz
*.escapadetravelview.xyz
estertimes.com
*.estertimes.com
lump.it
*.lump.it
luxolura.com
*.luxolura.com
luxury-rehab-860091139.click
*.luxury-rehab-860091139.click
m01qw70.cyou
*.m01qw70.cyou
m4g8bmfb.top
*.m4g8bmfb.top
mageslot.pro
*.mageslot.pro
marbatjp89vip.com
*.marbatjp89vip.com
medikus.co
*.medikus.co
medwyze.com
*.medwyze.com
meetoutboundemail.top
*.meetoutboundemail.top
merchantcenter.pro
*.merchantcenter.pro
mindsynctop.com
*.mindsynctop.com
minimal.it
*.minimal.it
miniregistratore.it
*.miniregistratore.it
minivivipol.com
*.minivivipol.com
miorp.academy
*.miorp.academy
mirari.it
*.mirari.it
misb.it
*.misb.it
miscoinage.com
*.miscoinage.com
missalanaalexander.com
*.missalanaalexander.com
missbellezalatinausa.com
*.missbellezalatinausa.com
mitra77.one
*.mitra77.one
miyakonojo-city-177198095.click
*.miyakonojo-city-177198095.click
mjdyhgj7.top
*.mjdyhgj7.top
Other domains in certificate