Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=garzone.store
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026
84 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5D:D5:F2:6F:76:F3:75:E1:92:6C:02:05:C1:69:92:CF:F4:5D:7B:ED:F6:18:D0:9C:9D:83:6E:4B:94:10:1D:45
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-Vnq6MGPL8xzRBxjNReX2iA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
a0gm.foodle.su
toastacafe.abacus.co
www.abp-consulting.com
afa-ngo.org
www.age4builder.com
aneait.co.za
dev-client.appointme.net
catatsaja.ardeman.com
www.augeoventures.io
avmsistemas.net
azkar.today
bceaglescamps.com
www.client.blueknife.tech
www.bntech.dev
borgeson.dev
btodds.com
nghialv.bunbusoft.com
link.camify.app
www.cernst.dev
certifiedinchaos.com
lab.chekt.com
app.civilia.io
opticsx.co.in
www.coconut-cie.com
sorbak.com.tr
www.contentvoila.com
app-staging.daitaflow.ai
register.durin.co
horizonredirect.dutton.com.au
elytrarobotics.com
www.erikedit.com
familieschmidt.me
admin.filmongo.in
mobile.filmongo.in
admin-board-uat.flexm.com
link.foobeeapp.com
fou.sh
frsi.info
gabrielberger.com
garzone.store
www.gecolmoveis.com.br
gadadmin.gematlas.com
share.goodapp.in
hazem.tech
forms.humboldteum.com
link.ikhlas.com
provider.imaharah.com
classicat.projex.in.net
www.tst.inktica.com
www.jmpesp.com
www.jonatech.cloud
test-www.junges-theater-oberrieden.ch
www.kerafyrm.com
account.koyamarket.in
lemetrika.org
lifeofanelf.com
flx.madhive.com
links.maika.life
ichiup.marino.co.jp
pims.mcwoodtechnologies.com
www.medicosabordo.com
dashboard.metabaseq.com
michelgeorlette.be
www.mindsparksolution.com
musicdrill.com
najmulhussain.com
oliverv.xyz
online-graphic-editor.com
app-voluntario-modules.libcom.org.br
admin.otojet.com
pind.owct.me
app.pajasaagro.com
leadshift.parklab.app
paulaselim.tech
www.pavisol.nl
percyavalos.com
admin.photo.phuket.run
www.propertymap.ie
www.ptbs.co.uk
www.rate-teacher.com
link.realdatingapp.com
www.registrdluzniku.net
remagotchi.com
calendar.revenueroll.com
infiniteconnections-applink.rlgapps.com
driver-help.rovahq.com
www.rudych.com
saindev.ru
www.satinrosebeautysalon.com
share.smarty-app.ro
app.sondhitalk.com
southindiataxi.in
www.dev.sukidana.com
www.tab-tangle.com
tcsp-chauffage.fr
teamtigerstkd.com
www.vexasystem.com.br
portal.vintedbot.co.uk
frisdrank.vlaar.it
zlearn.vn
Other domains in certificate