DNS Gurus
Open Cached · just now
77/100 SECURITY SCORE

Certificate Information

Subject
CN=customers.tigertech.net
Issuer
C=US, O=Let's Encrypt, CN=R12
Valid From
November 12, 2025
Valid Until
February 10, 2026 81 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D1:CF:25:15:1B:DA:0E:13:5C:A6:D0:44:F7:71:22:AD:6E:87:03:F6:30:D0:35:17:66:4E:30:DF:D4:2A:52:1D
Alternative Names
85 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
private-state-token-redemption=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com"), private-state-token-issuance=(self "https://www.google.com" "https://www.gstatic.com" "https://recaptcha.net" "https://challenges.cloudflare.com" "https://hcaptcha.com")
Recommendations
  • Add Strict-Transport-Security header with max-age of at least 1 year
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

85 domains
unsproject.com *.unsproject.com

Other domains in certificate

adultamateurbaseball.com *.adultamateurbaseball.com
akashicrecording.com *.akashicrecording.com
akloridesigns.com *.akloridesigns.com
applejacksshoes.com *.applejacksshoes.com
ashevillecraniosacral.com *.ashevillecraniosacral.com
bcmedwaste.com *.bcmedwaste.com
budbillion.com *.budbillion.com
climateequityreference.org *.climateequityreference.org
clinicresult.com *.clinicresult.com
computorium.net *.computorium.net
craftingformyfamily.com *.craftingformyfamily.com
craigandchris.org *.craigandchris.org
devhudsondigital.com *.devhudsondigital.com
dhfineartist.com *.dhfineartist.com
drainsemporium.com *.drainsemporium.com
dunriteservicesllc.com *.dunriteservicesllc.com
hhfamilyfoundation.com *.hhfamilyfoundation.com
homegrownpediatrics.net *.homegrownpediatrics.net
imabiz.com *.imabiz.com
jadepayneaudio.com *.jadepayneaudio.com
kefs.dev *.kefs.dev
koreconnection.com *.koreconnection.com
loveeconomypress.org *.loveeconomypress.org
margaretshepherd.com *.margaretshepherd.com
memematchr.com *.memematchr.com
newenergytexas.com *.newenergytexas.com
oaklandish.com *.oaklandish.com
playmatekennelsandstables.com *.playmatekennelsandstables.com
precisionconcretestructures.com *.precisionconcretestructures.com
sisterpickers.net *.sisterpickers.net
smileybomb.net *.smileybomb.net
somewebsite.net *.somewebsite.net
spyingondemocracy.com *.spyingondemocracy.com
telluriccurrent.net *.telluriccurrent.net
thesparrowpost.com *.thesparrowpost.com
customers.tigertech.net
troopershockey.com *.troopershockey.com
wallysentme.com *.wallysentme.com
warblerclassics.com *.warblerclassics.com
whatdoesmygirlfriendwanttoeat.com *.whatdoesmygirlfriendwanttoeat.com
woodenstone.com *.woodenstone.com
yourenothelping.com *.yourenothelping.com