Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=qrcode.wiseupfood.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 12, 2025
Valid Until
January 10, 2026
39 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
9F:BF:1B:FD:7A:DF:AF:F9:71:71:0B:E9:0E:FD:18:2E:3E:0A:03:89:B1:DC:5C:44:5D:FA:FE:2C:80:30:C9:C0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
ija.co.uk
11521278.peerly.app
www.2asoftlab.com
grupomenorah.americanopolis.com
www.multibridge.angeldao.org
apollorooter.com
scuola-link.attimo.com.ar
www.azaniadriving.co.za
beta.organisations.bash.social
beenokle.com
berachajewellers.in
www.alpha.blutechconsulting.com
www.burnbryte.com
cetreal.com
chapchapgo.com
beta.city-ol-brugg.com
www.clustium.com
www.codeabsolute.in
server.beta.cuppazee.app
curiosidadesdecine.com
sakurai.datateam.one
dev.dearfuture.io
delarroyotandil.com
deltacs.co.uk
djms-app.doorjames.dev
foradermatology.easyapp.co
eatsimplified.com
app.egsbe.com
indyrepnews.enotice.io
timetable-admin.entur.org
www.envydiable.com
fci.jp
dashboard.futuralabs.rocks
satzwuerfel.gabriels.io
geurmelder.nl
link.hexology.dev
houstonmexico.com
hyria.com
admin.novella.ilmiocomune.app
instaswipe.ca
ipressoexpress.com
j0dierizky.com
jakob7.com
www.jaxfisg.com
sunseeker.app.stage.lasoxp.com
lernexperten.com
procesos.limatransvial.com
linkedroots.com
www.lonelyoceanstudios.com
luisgeraldo.com
maledifresh.co.za
eventinfo.maprun.net
www.mavka.org
medeberya.app
dev.editor.mergeedu.com
metaphor.education
mmet.in
mtreexpress.com
network-design.com.mx
mail.newnumberapp.com
dev.onshop.lk
seats.sx.opentix.life
dev.tools.admin.opnte.ch
www.pablotrullos.com
www.pastabattle.com
wizards.pppuzzle.com
practrac.app
www.renaultcentral.in
www.ristorantepietra.it
rosstechsolutions.net
www.samiraappana.fi
www.scpaloalto.com
stagingmediatrack.service-unicepta.de
www.siteagent.ai
invite.sodhanii.com
valentines.speirs.io
app.place.spreeloop.com
bodaquintanillacruz.swanmoments.com
primeracomunioncamilabonilla.swanmoments.com
swifthood.cz
szeret.com
beta.laoutfall.tbm-binni.app
tftc.app
docs.thespaghettidetective.com
dev.trainingsmagnet.com
www.tswplus.com
jotun.turnosweb.app
tylerdickens.com
uiuxtek.in
playground-data.upflowy.com
urologojorgejuarezvarela.com
dreamland.vdimsa.com
news.videolink.app
vote4india.org
www.waitingforjeep.com
qrcode.wiseupfood.com
admin.plv.wowdesk.jp
www.301060.exactas.uba.ar
www.yulelog.app
game.zodt.net
Other domains in certificate