Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=tristategetaway.com
Issuer
C=US, O=Let's Encrypt, CN=YR1
Valid From
June 12, 2026
Valid Until
September 10, 2026
80 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B6:FF:28:EE:CA:B2:96:36:FA:53:E9:BD:8F:77:58:B0:F2:70:D1:39:D1:E8:90:46:5D:41:79:BF:24:FF:4F:7F
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
88 domains
figtreealliance.com
*.figtreealliance.com
*.com.figtreealliance.com
*.darkfibre-crm.figtreealliance.com
*.org.figtreealliance.com
*.portal.figtreealliance.com
*.app.elmetodoevolve.online
*.assets.elmetodoevolve.online
*.demo.elmetodoevolve.online
elmetodoevolve.online
*.elmetodoevolve.online
*.portal.elmetodoevolve.online
*.demo.expressboozedelivery.ca
expressboozedelivery.ca
*.expressboozedelivery.ca
*.www.expressboozedelivery.ca
*.api.gameaddictpro.com
*.app.gameaddictpro.com
*.demo.gameaddictpro.com
gameaddictpro.com
*.gameaddictpro.com
*.m.gameaddictpro.com
*.test.gameaddictpro.com
*.www.gameaddictpro.com
*.admin.haypr.net
*.demo.haypr.net
haypr.net
*.haypr.net
*.hostmaster.haypr.net
*.images.haypr.net
*.m.haypr.net
*.sitemap.haypr.net
*.xn--combusinessbanking-g89jpa.haypr.net
hissnyshop.com
*.hissnyshop.com
*.sitemaps.hissnyshop.com
*.admin.tadkrabbit.com
*.analytic.tadkrabbit.com
*.analytics.tadkrabbit.com
*.analyze.tadkrabbit.com
*.api.tadkrabbit.com
*.app.tadkrabbit.com
*.argo.tadkrabbit.com
*.backend.tadkrabbit.com
*.bi.tadkrabbit.com
*.bigdata.tadkrabbit.com
*.blog.tadkrabbit.com
*.chart.tadkrabbit.com
*.dashboard.tadkrabbit.com
*.dashboards.tadkrabbit.com
*.data.tadkrabbit.com
*.demo.tadkrabbit.com
*.dev.tadkrabbit.com
*.forecast.tadkrabbit.com
*.intelligence.tadkrabbit.com
*.intranet.tadkrabbit.com
*.mail.tadkrabbit.com
*.notexistsadmin.tadkrabbit.com
*.notexistsapi.tadkrabbit.com
*.notexistsapp.tadkrabbit.com
*.notexistsdemo.tadkrabbit.com
*.portal.tadkrabbit.com
*.report.tadkrabbit.com
*.research.tadkrabbit.com
*.shop.tadkrabbit.com
*.staging.tadkrabbit.com
*.stats.tadkrabbit.com
*.store.tadkrabbit.com
*.sup.tadkrabbit.com
*.superset.tadkrabbit.com
tadkrabbit.com
*.tadkrabbit.com
*.visual.tadkrabbit.com
*.vpn.tadkrabbit.com
*.workflow.tadkrabbit.com
*.www.tadkrabbit.com
*.krasnodar.tristategetaway.com
*.portal.tristategetaway.com
tristategetaway.com
*.tristategetaway.com
*.gt.xn--4gqz1j61m34h7xz.com
*.sitemap.xn--4gqz1j61m34h7xz.com
xn--4gqz1j61m34h7xz.com
*.xn--4gqz1j61m34h7xz.com
*.sitemap.xn--4kr324i.com
*.sitemaps.xn--4kr324i.com
xn--4kr324i.com
*.xn--4kr324i.com
Other domains in certificate