Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=reserva.hostalroma.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
December 11, 2025
Valid Until
March 11, 2026
74 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
4E:2B:7E:D1:FA:02:53:CD:1D:E3:6F:BE:71:F4:8D:B9:82:05:3A:2E:BC:C6:FA:FC:97:F8:D2:48:39:59:88:D5
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
www.optimitzia.com
2017.devfesttoulouse.fr
abhirupnandy.click
www.akylab.com
aleati.co
allysan.com.au
ananthapro.com
tictactoe.bilalucar.com
brandle-game.com
panel.bvarg.com.ar
prod.app.analytics.cambri.ai
www.chat-id.nl
www.cle.vision
www.clubhousejourneys.com
www.highwaydroptaxi.co.in
dev.tango-pick.co.kr
kms.anymos.co.kr
emlapp.com.tr
cuberoids.com
auth.cybx.club
dewee.com.br
app.deylan.es
donatoengenharia.com
ecole-de-natation-erdeven.fr
fatec.educagame.com.br
elpyoo.com
www.elpyoo.com
www.expertanimation.org
www.expertplanner.in
quiz.fckosova.ch
forum-fortyfive.de
ludiclabs.gettwoit.com
www.globalnetworking.es
gohobifitness.online
www.gotogether.travel
harivallabhi.com
push.hbsecure.ch
reserva.hostalroma.com
staging.app.humancloud.network
redirect-sv.identt.pl
ignium.co.za
ilika.earth
www.innobytes.top
fintegra.inter.mx
www.juststartingup.com
kashidevtravels.com
kbec-nexus-season2.com
kuzgntech.com
cedap.labela.fr
link.labourseauxlivres.fr
liamglockner.com
libres-ensemble.fr
screening4me.lifebrand.life
listeningearcounselingservices.net
lyx.sa
income-percentiles.madebyenzo.com
aman.malevolent.in
chat.manuellamaya.com
www.marosszentanna1903.hu
mcslocacaomaquinas.com.br
melchior-jorda.online
mento.ee
www.mindlike.de
www.minterns.org
misionlea.com
app.mntr.one
de.muncommand.com
cms.museo.org.uk
tradeup.netomos.com
sandbox.omnisaude.app
homol.backoffice.pay2b.net
core-admin.pharmacloud.jp
app.playvolt.io
app.stg.pocketpost.life
podeum.live
rajiv.codes
seeder.ge
sevvy.io
sharada.me
shopora.io
sidekick.fitness
silverstaruk.org
scan.skinopathy.com
share.soundchatradio.com
coffee.stirlinghigh.co.uk
stratin.ai
www.stratin.ai
staging.switchboard.foundation
tempsite.sysx.fi
www.thesecurevision.in
www.thewilltofreedom.org
thumbnailai.click
admin.tirupursevagan.com
tpms.live
stocktwits.weblicht.net
wordfinity.app
wpd620.org
youtube-summarizer.pro
ytla.net
yushumind.com
Other domains in certificate