Open
Cached
·
just now
82/100
SECURITY SCORE
Certificate Information
Subject
CN=garzone.store
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 21, 2025
Valid Until
February 19, 2026
81 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
5D:D5:F2:6F:76:F3:75:E1:92:6C:02:05:C1:69:92:CF:F4:5D:7B:ED:F6:18:D0:9C:9D:83:6E:4B:94:10:1D:45
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Weak
frame-src; frame-ancestors
X-Frame-Options
Excellent
DENY
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
admin-board-uat.flexm.com
toastacafe.abacus.co
www.abp-consulting.com
afa-ngo.org
www.age4builder.com
aneait.co.za
dev-client.appointme.net
catatsaja.ardeman.com
www.augeoventures.io
avmsistemas.net
azkar.today
bceaglescamps.com
www.client.blueknife.tech
www.bntech.dev
borgeson.dev
btodds.com
nghialv.bunbusoft.com
link.camify.app
www.cernst.dev
certifiedinchaos.com
lab.chekt.com
app.civilia.io
opticsx.co.in
www.coconut-cie.com
sorbak.com.tr
www.contentvoila.com
app-staging.daitaflow.ai
register.durin.co
horizonredirect.dutton.com.au
elytrarobotics.com
www.erikedit.com
familieschmidt.me
admin.filmongo.in
mobile.filmongo.in
link.foobeeapp.com
a0gm.foodle.su
fou.sh
frsi.info
gabrielberger.com
garzone.store
www.gecolmoveis.com.br
gadadmin.gematlas.com
share.goodapp.in
hazem.tech
forms.humboldteum.com
link.ikhlas.com
provider.imaharah.com
classicat.projex.in.net
www.tst.inktica.com
www.jmpesp.com
www.jonatech.cloud
test-www.junges-theater-oberrieden.ch
www.kerafyrm.com
account.koyamarket.in
lemetrika.org
lifeofanelf.com
flx.madhive.com
links.maika.life
ichiup.marino.co.jp
pims.mcwoodtechnologies.com
www.medicosabordo.com
dashboard.metabaseq.com
michelgeorlette.be
www.mindsparksolution.com
musicdrill.com
najmulhussain.com
oliverv.xyz
online-graphic-editor.com
app-voluntario-modules.libcom.org.br
admin.otojet.com
pind.owct.me
app.pajasaagro.com
leadshift.parklab.app
paulaselim.tech
www.pavisol.nl
percyavalos.com
admin.photo.phuket.run
www.propertymap.ie
www.ptbs.co.uk
www.rate-teacher.com
link.realdatingapp.com
www.registrdluzniku.net
remagotchi.com
calendar.revenueroll.com
infiniteconnections-applink.rlgapps.com
driver-help.rovahq.com
www.rudych.com
saindev.ru
www.satinrosebeautysalon.com
share.smarty-app.ro
app.sondhitalk.com
southindiataxi.in
www.dev.sukidana.com
www.tab-tangle.com
tcsp-chauffage.fr
teamtigerstkd.com
www.vexasystem.com.br
portal.vintedbot.co.uk
frisdrank.vlaar.it
zlearn.vn
Other domains in certificate