Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=lumrad.org
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
April 30, 2026
Valid Until
July 29, 2026
72 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
51:3E:18:B3:86:7E:CA:3B:4C:45:66:0B:09:46:AF:08:26:FA:5C:A7:30:0D:D4:3A:BA:CF:F4:E5:4F:13:34:84
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
himbank.com
*.himbank.com
*.com.himbank.com
*.cool.himbank.com
*.info.himbank.com
*.net.himbank.com
*.org.himbank.com
*.2c6d72e0-905c-4d08-99d6-a946fa780ef6.golfineurope.com
*.375adaac-8e23-4701-ab7e-6964e1b2d250.golfineurope.com
*.3b13f268-eaa0-463e-aa9c-d773491080d0.golfineurope.com
*.3f375496-2290-4a58-8c18-b8a538d8ef3a.golfineurope.com
*.49fea16d-bc5b-4245-af1c-154bd6cbf1f4.golfineurope.com
*.a.golfineurope.com
*.access.golfineurope.com
*.api.golfineurope.com
*.app.golfineurope.com
*.backup.golfineurope.com
*.blog.golfineurope.com
*.demo.golfineurope.com
*.dev.golfineurope.com
*.ewcxqtesting.golfineurope.com
*.forms.golfineurope.com
golfineurope.com
*.golfineurope.com
*.home.golfineurope.com
*.hostmaster.golfineurope.com
*.jpzwmuat.golfineurope.com
*.mail.golfineurope.com
*.mpxylhostmaster.golfineurope.com
*.random.golfineurope.com
*.sslvpn.golfineurope.com
*.staging.golfineurope.com
*.temp.golfineurope.com
*.test.golfineurope.com
*.testing.golfineurope.com
*.uat.golfineurope.com
*.wxghwvpn.golfineurope.com
*.xngepbbs.golfineurope.com
*.04d3ba36-0ff3-49ce-8b54-dd1877297759.itsontv.com
*.app.itsontv.com
*.dev.itsontv.com
itsontv.com
*.itsontv.com
*.staging.itsontv.com
*.www.itsontv.com
*.anywhere.longbeach.net
*.aplicaciones.longbeach.net
longbeach.net
*.longbeach.net
*.sites.longbeach.net
*.vpn.longbeach.net
*.6s98n.longmaogw.top
*.89wkp.longmaogw.top
*.95vhx.longmaogw.top
*.aqzmk.longmaogw.top
*.l0r4m.longmaogw.top
longmaogw.top
*.longmaogw.top
*.mp7tf.longmaogw.top
*.o1ghs.longmaogw.top
*.y04uw.longmaogw.top
*.admin.lumrad.org
*.api.lumrad.org
*.assets.lumrad.org
*.demo.lumrad.org
*.dev.lumrad.org
lumrad.org
*.lumrad.org
*.admin.mynorthbaydoc.com
*.analytics.mynorthbaydoc.com
*.cdn.mynorthbaydoc.com
*.hotfix.mynorthbaydoc.com
*.jobs.mynorthbaydoc.com
mynorthbaydoc.com
*.mynorthbaydoc.com
*.portal.mynorthbaydoc.com
*.random.mynorthbaydoc.com
*.school.mynorthbaydoc.com
*.users.mynorthbaydoc.com
*.ww25.mynorthbaydoc.com
*.ww38.mynorthbaydoc.com
onchainfit.com
*.onchainfit.com
*.vpn.onchainfit.com
*.www.onchainfit.com
seguro-piso-alquiler.sbs
*.seguro-piso-alquiler.sbs
*.3762tx.vorstandupakadem.org
vorstandupakadem.org
*.vorstandupakadem.org
Other domains in certificate