Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=hotelgig.net
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 10, 2025
Valid Until
January 08, 2026
49 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
83:DC:49:F3:E9:6C:3E:1E:BE:9A:60:9A:EA:B7:23:A1:1D:5F:43:63:9C:98:4F:61:9F:74:33:94:20:80:99:13
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
dev.smartlena.com
abhishekshinde.tech
abovecloud.tech
admin.almostperu.com
amadorcf.es
anchala.us
andysoft.com.mx
aquanet-kurashiki.com
artofmarble.gr
bareq.tech
being-japan.com
berengarfoto.hu
app.blipps.io
www.bluprintbank.com
borezy.com
briand-jardins.fr
caliring.info
www.canvenient.info
bestellen.casa-issum.de
www.certisep.com
chitrascope.in
centennialcitizen.column.us
thelittleskoolhouse.com.sg
www.crabs.life
www.creadoc-classroom.com
cryptoblockschool.com
www.csbraende.dk
www.curaytor.systems
web-os.cybcloud.app
training-sql.dev-master.ninja
djolonga.com
tech-app.ds-aht.eu
tirupathur.eacabs.com
www.ecuestre.digital
www.eg-studioworks.com
hijau.atw.encelerate.com
app.firmacorp.net
admin.frissegedachtes.nl
futureprobe.xyz
slack.gdg.kr
getjuly.com
app.getpajo.com
gogoplanet.com
status.hellofresh.at
hotelgig.net
staging.hoxby.com
admin.idlworkshop.com
immunizationplanner.com
v3-punchkingfitness.impactwrap.com
dashboard.implayer.info
app.infanticontigo.cl
internetcheck.org
iseteki.jp
test3.itstrending.in
kirktongroup.co.uk
www.financiamiento.kurios.la
larsatle.no
www.livmaxgaming.com
jaragua.medcnh.com.br
mit.meddi.dk
emails.mettle.studio
www.morisraely.com
tickets.moveat.co
www.myraneuro.com
nader.de
test.nicosiascouts.group
nk.gs
olabbio.com
inshape.demo.pbj.live
www.pinajob.com
pitchly.online
www.presidentsclubcelebration.com
www.refaccionariadelhogar.mx
www.rem-center.com
rfrweb.it
www.rinkclic.com
www.rkstudio.net
www.rodrigozevallos.es
www.sagananuts.com
www.santiagosaavedra.net
dev.demo.members.sargon.com
product.sayhello.cash
servpie.com
signsbydesign.co.uk
admin.smdc.sleip.com
www.snugshields.com
bodagonzalezasuncion.swanmoments.com
tashii.co.uk
www.teaminglis.ca
www.teammulima.ca
auth.task.tech-ascend.com
mksvrcek.theproductroadmap.co
dev.totely.in
www.udaaniitt.in
www.vaxpass.dev
dev2.vectorz.app
verifact.co.za
beta.yopen.pro
survey.yoxiapp.io
support.zazpay.mx
Other domains in certificate