DNS Gurus
Open Cached · just now
77/100 SECURITY SCORE

Certificate Information

Subject
CN=grupohotelerolatinoamerica.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 28, 2025
Valid Until
December 27, 2025 44 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
6F:F8:DE:CA:C1:E7:12:A3:66:DC:B0:8E:A4:A7:0F:3A:3B:DB:A0:D9:F7:C5:35:BE:2B:71:1D:FE:B9:74:3E:79
Alternative Names
100 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains
ingiq.com

Other domains in certificate

www.509expedited.com
www.722replacement.com
aayushgoyal.in
bobagold.actvst.com
partner.aicasindia.in
alexgerstner.dev
alphafitnessiot.com
anke.digital
aucamps.com
www.aufstiegsreform2025.de
awsde.com
oldpofo.bernhard-schmidt.com
www.bintern.com
blaecherlich.at
buddspreschool.com
busboom.lt
link.carevivenext.com
contacts.catchupcalendar.com
www.chalicelarp.be
creepynuts.chance-store.jp
chasencltd.com
fluz-staging.citadel.tools
firebase.classum.com
bambudacastle.clau.io
www.dab-stick.com
www.dalfiorentino.london
davesheatingandair.us
lab.daymedis.com
www.dreambugsoftware.com
www.encodingstars.com
staff.enkeldigital.com
netex-validation-reports.staging.entur.org
www.flightclub.one
infoco.focoten.com
ginylil.com
partner-portal.goama.com
grupohotelerolatinoamerica.com
harshad.dev
homekitts.com
huesofthemind.org
iedycorp.com
link.ikhlas.cc
inotekeng.com
hub.test.introist.com
app.iscr.com.au
www.isitalainasbirthday.com
www.jakefeldman.dev
jimmytang.dev
kasem.dev
khilesh.com
khoijagga.com
pos.dev.lettucegrow.com
lianaleonel.com
local-heroes.ch
longdrink.org
admin.luisgustavosc.com
lynnsgloriette.com
martysvt.com
midiproxy.com
link.miio.pt
www.minwookim.co
get.nokanda.app
northfaceonthetrack.com
omni.ing
redeem.onedm.app
rong-xing-dashboard.onedollarwebsite.co.nz
www.organism.org
app.ospitalis.com
www.phi-quest.info
pinlal.com
benedek.posfay.com
psytracker.com
pyrodot.me
qaitech.co
queergarden.ca
quirklings.com
www.rachelmeadows.dev
riverlawncare.com
t2.rstrack1.com
www.rudama.com
portal.seeqnc.com
simplymove.ch
beta.skybilling.app
app.socialife.ch
spartanenergy.com.au
streetfoodjourneys.com
strong-network.com
juegos.tabula.cl
www.tamiltranslator.com
refer.tbo.com
thegreathymns.com
tourneygames.com
sit.vegaspread.cloud
veroniqueazam.com
qa2.viridios.ai
wiseworldentertainment.com
xpicks.app
paper-only-demo.xva.asia
sobiyaa.yaagesh.com