Open
Cached
·
just now
80/100
SECURITY SCORE
Certificate Information
Subject
CN=www.pontogo.app
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 09, 2025
Valid Until
January 07, 2026
56 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
56:A4:32:CF:19:F4:1C:E8:40:22:80:39:45:38:E7:D8:47:0F:96:1A:69:DD:E9:7E:C9:FB:83:EC:94:E5:8B:EF
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Basic
script-src; object-src; base-uri; +3 more
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Improve CSP by adding more specific directives and removing 'unsafe-inline'
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
link.peep.jp
abhayvalsangkar.com
reset.affordablecare.ai
agencyplace.co.uk
aiampdse.agivant.com
agreni.com
www.anycodewallet.com
asc.lt
ashwindn.com
static.awesomephysiotherapy.com
gamesadmin-jpj-st.bagelcode.com
www.bci.lu
bisanziosvelata.it
sms.brytecall.com
certification.byblack.us
hi.callhealth.com
camillasantiago.com
www.candileflame.com
beta.cartmigo.com
cotizador.clubdelseguro.cl
gymcore.co.il
cocxel.com
shenghuei.com.tw
craftboard.com
test.cricinfoverse.com
cypressbayoumedia.com
emsd-apt.d-enc.com
voice.daybook.app
dedb8.io
deliverybymunches.com
dixespaysagiste.com
dmc-bygg.se
estabelecimentos.dmfweb.com.br
ericaberardi.com
wp-demo.esprot.biz
estserend.com
everytale.uk
evnt.co.za
firstdrivingandtrafficschool.com
fusen.app
www.fuze.cc
gadgetonfire.com
apod31.geekytwin.com
multibet.gentsys.com
www.glasaj2023.org
gzchurch.com
my-event.hackathons.org.uk
anniv.hacomono.jp
www.admin.hlo.app
www.hocchi.com
www.itssport.co
developer.jasig.org
www.jeesab.com
admin.jjspot.ru
install.kanal.work
pages.kenshiyonezu.com
dev-api.kno.co
kylemjackson.com
libyashop.ly
limoinsanfran.com
lucasportela.dev
www.lyricstudio.app
www.marcseiferle.com
mcflytech.com
mealiq.ai
mypolls.xyz
nastiazhyrnova.com
watch.neoufitness.com
www.neuraldreams.art
newspassport.co
selbstabrechnung.optadata-innovationlab.de
ozininatolyesi.com
l.pelavo.pl
www.pontogo.app
publishednft.io
links.rememberthat.ai
siapco.mx
smilejpg.fun
space-time.tv
auth.sportyfind.cz
sqlfire.dev
stealthisoptional.com
taskbusiness.pro
td2.app
emp.tecfy.co
temptraveler.com
thebuddypatch.com
app.tili.ai
commander.triangula.no
altatrainingclub.turnosweb.app
boxnfit.turnosweb.app
functions.core.api-dev.uodka.app
www.vasoline-lens.app
vgears.vn
www.weimpact.ai
whitecirclegroup.in
www.wilkensonfrancois.com
wrongd.app
yourcrazyshops.com
zajicova.com
Other domains in certificate