Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=auth.my-qrcode-gen.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
November 22, 2025
Valid Until
February 21, 2026
87 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9E:29:21:F2:4A:69:29:C0:BD:B5:87:4A:E5:7D:F5:0D:3C:1A:9C:4A:5B:01:12:D4:DB:9E:D9:4D:7F:DD:0A:B2
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
fishmusiq.co.za
www.adnanyun.us
www.adplmeta.com
ajisugoidelivery.com.br
akari-chan.jp
alikortak.de
anjanamohan.com
demo13.appscifi.com
autoscanplus.com.co
share.byggjobs.app
cbcgem.app
clerknet.app
app-1.commo.dev
covcon.site
develop.bizadmin.food.cururucu.jp
www.dashmeshminerals.com
ultimate-signup.dedyn.io
bots.dihola.uy
elainaplusian.com
etar.app
www.eteri-hm.com
www.fybra.app
gradyhampton.com
staginglink.greenely.com
order.halaeats.com
www.heedi.com
hotarek-ribel.at
programs.ibranchrecruiters.com
listen.how.inex.rocks
www.ipharmacist.com
ircloudops.com
www.it4b.in
www.itsfair.in
chat.izacpeterson.com
www.jadibooty.us
www.jaysea.org
jegomusic.com
www.jegomusic.com
www.joeosterfeld.com
marin-pretrial.clients.joinpromise.com
www.kriegst-du-hin.com
alyssa.kroljs.com
kushimofficial.com
api.legech.com
www.lk-panenka.cz
www.localee.space
www.mike-varga.com
mujahidgroup.com
auth.my-qrcode-gen.com
myalbstadtshops.de
link.dev-int.account.nasta.co.jp
ve.m.payment-urllink.smt.docomo.ne.jp
free-session.newjerseyfoundation.space
nishant.app
nomaratravel.com
noticeboard.app
option51.com
auth.parkinsonacademy.be
bankadmindev.paycloudafrica.com
merchant.paycloudafrica.com
mpdev.paycloudafrica.com
personalquest.me
phyx.space
www.piedmontbrokerage.com
preservefarmsgardenhomes.com
pricesnap.app
quant.raylai.co
repper.app
dev.rokhub.shop
www.rokhub.shop
safetyleadership.com.mx
www.sariwan.be
sarutbienesraices.com
savvy-strings.com
www.scottlawbahamas.com
search-product.com
www.secadoresyequiposdeproceso.com
simplescontabilidade.digital
www.sonatico.com
soundorganeyezer.com
merchandiser.stageamericanoutlets.com
stormdragondesigns.com.au
admin.storydna.app
squareout.sullyslegacy.com
bodagutierrezaguilar.swanmoments.lat
tailorx.me
tateho.jp
www.tattootrippers.com
www.thecow42.com
theguiderapp.com
music.theimperialmedia.com
www.tirth-patel.com
trippytravels.ae
gboxarguello.turnosweb.app
staging.gui.vitibot.xyz
ng.wali.co
app-staging.yours.work.life
workcuit.ai
yogawithyanick.com
zyorahub.com
Other domains in certificate