SSL Certificate Analysis for app.odontobb.com - Security Grade & TLS Configuration

Open Cached · just now

77/100 SECURITY SCORE

Certificate Information

Subject

CN=ubitlogger.com

Issuer

C=US, O=Google Trust Services, CN=WR3

Valid From

November 26, 2025

Valid Until

February 24, 2026 88 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

4F:80:9E:D7:28:39:EC:F5:3E:12:C2:22:53:6D:9B:59:32:17:AB:CA:5C:86:C0:B7:4D:9A:69:AB:E6:9D:E3:94

Alternative Names

100 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=31556926

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

100 domains

app.odontobb.com

Other domains in certificate

3fs.link

www.4tpm.fr

resume.abarajithan.com

www.agrtecrio.com.br

trafficmatch.h5.albayoo.com

alphaspace.io

portal.automaticon.dk

ayumitanaka.net

bekymringsmestring.no

api.bigfm.de

www.bluuweb.dev

brief.buysampling.com

www.centraldoscalp.com.br

www.chatzakisdev.gr

cats.cmrl.in

aipr.co.kr

dcp.radar.co.mz

cobberdingo.com.au

www.code-enj.app

na.cradle.work

print.derivita.net

dokidoki.games

www.dynaxianloop.com

hanged.ebombo.io

link.lamviectot.edu.vn

www.edusystem.co.za

www.enquete-bmwservice.fr

www.espetinhosbilk.com.br

static.xx.cdn.kavidudilhara.eu.org

evalmy.autos

www.forroporai.com.br

ipi.fullinpartners.com

g3ek.co.uk

takeaway.gared.fr

www.georgebrowning.net

sandbox-app.glomopay.com

prr.idc.govwise.eu

www.haochenwang.com

tutorlist.highskill.me

www.indulger.co.za

invt.rsvp

pandamarie.jmstechsys.com

support.kingsdefender.top

teclab-pretest.klarway.com

law.legal-act.net

linr.io

www.liziasmr.com

luckispot.fr

lugarrico.ng

magnates.us

bookings.manzana.media

mdimranshaikh.com

www.mivaanfinejewels.com

www.mochida.xyz

admin.mountkenyabikers.club

minhasecao.msasoftwares.com.br

www.nelco-network.com

www.northernstarseed.com

inspira.noytrall.com

inspira.noytrall.pt

cdc2.order.place

app.peterbox.com.br

www.play-backgammon.top

popcharts.io

app.qa.premise.com

renzy.net

rikhavshishodia.com

rumvalley.com

www.rusticcitrus.com

www.samiabushamat.com

f.savvy-navvy.com

www.kimhan.scool.town

staging.go.sennder.com

boulanger.speakylink.com

scsl.sticksports.com

story-craft.com

app.subsidekick.com

dev.sungchan.org

sureaccounting.org

www.swegaming.com

sysdesigna.com

takeout.page

tcgscad.com

thepolicycenterinc.com

links.dementia-dev.theprojectfactory.com

www.tipgenius.co

assets.tresastronautas.com

tufamosoayuda.com

ubitlogger.com

upo-devices.com

dev.wellro.life

whoodating.com

wimdyentertainment.com

sew.wordtris.com.br

formsched.xpotato.net

viz.xrvisual.com

dev.yourappstudio.com

ytdsystems.com

www.zhenbangchen.com

Free Cloud Credits

Get free credits to test cloud platforms