Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=mqstonesur.cl
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 25, 2025
Valid Until
January 23, 2026
59 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
43:0B:4E:EE:0A:C2:28:2D:EF:7D:02:D9:22:9E:88:F5:EF:5C:C7:B0:7D:E3:B7:F6:3E:21:C3:F7:B8:90:86:66
Alternative Names
Security Configuration
TLS Protocols
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
script-src 'report-sample' 'nonce-BUYhJgEyM2Zimc5d8Umt3g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self',require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
turno.new.red-i.com.ar
a2moneyworks.com
pp.a6n.xyz
anbosg.com
elion.apini.cloud
apollomadipakkam.com
arete.study
www.bacbrenewables.com
barbariants.com
qa.beereaders.com
servettefc.deeplinks.bfansports.com
bradysterling.dev
branchsm.com
breadcrumbdata.com
www.bumdash.com
uuniready.bytekast.io
app.cardhero.co
www.carefulclues.com
stage.carteiracliente.com.br
www.3es.co.in
controlshrimp.com
decimators.app
basura.descubretrinidad.com
md.dialog.lk
www.eazivalue.com
www.elocado.com.br
everowl-technologies.com
www.exicon.us
global-login-poc.fastsignsdev.com
a094.foodle.su
glssettlement.com
www.gregsherrid.com
app.grupointeca.com
hectorfalconportfolio.com
hefnawi.me
hirejoshbrown.com
link.igrow.asia
go.py.in.th
inkino.app
ionutmitra.com
azampay.itrood.com
link-hing-wah.jec-digital.com
jobocalypse.com
kimakh.com
kinderlandpanama.com
kwasic.com
lafrun.com
www.laxmibomb.com
www.litafl.com
www.luminate.studio
savoie.lyta-sante.com
bringdienst.malteser.de
marciooliveira.com
www.mase.dev
it2.maxentwickler.site
maybe-yes-maybe-no.com
maybethebestofthings.com
animals.mesbro.in
mikebarkas.com
moderncannabisconsulting.com
mqstonesur.cl
dev.myaltea.club
radio.mycloudvip.com
neuroemergencies.cc
www.newempirestone.com
m.nissandrummondville.com
www.p31.kr
staging.padovalongboard.com
palgowallet.com
pattiosebold.com
portal.pawsy.me
homol.checkout.pay2b.net
app.pdr.cloud
schools.penmob.com
pessimist.ai
back.diniz.peyess.com
prataplus.com
pricebreaker.travel
proacc-consultants.com
pulsewatch.xyz
app.redantagri.co.za
geysier.reepco.dk
www.renaserfinanciero.com
www.sanchezdiego.com
web.securityguard.app
somkene.co.uk
www.soywarmi.lat
www.sperainfra.in
squadup.app
covid19.stammgast.sk
sunnypctw.com
tracer.tech-tracer.com
www.timebloc.app
www.toclean.com.au
referral.social-eats-nightly.tsunago.asia
www.domains.wildsolutions.pl
yakimachine.com
yunicalc.com
zingsoft.com
admin.zyppd.in
Other domains in certificate