Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=web.ondagoapp.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
October 14, 2025
Valid Until
January 12, 2026
58 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
D5:AB:FF:96:5E:25:2E:2F:53:FA:A1:DF:A3:ED:2A:59:7E:DA:FA:B8:C4:26:99:97:46:9D:CE:4E:85:D7:41:E4
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31556926
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
training-fellow.de
www.arredamentivalgandino.it
maps.arvnd.in
brhomes.in
brisstudio.no
cc-logos.com
www.cc-logos.com
chaseschweitzer.me
manage-dev.vonder.co.th
projects.developersden.in
devy.ch
www.docuverse.io
q1-international.dpd.co.uk
dylancreatives.com
www.ecoluxclean.in
eliasousa.tech
elite-vtc.fr
elsadestenabes-psychologue.fr
sylvan.exostay.com
frij.io
gamebites.fyne.games
cms.goong2000.com
gorillasports.kr
www.gorillasports.kr
www.greenpantsstudio.com
clicks.grevling.dev
www.hikehealthgs.com
hlmiet.org
www.hutbase.com
www.in4studio.com
chefsguide.irinoxprofessional.com
www.izoll.com
familymovienight.johnshaida.com
joppy.me
electricsheep.jugovic.io
juwel.dev
team.kahiji.id
kensley.info
app-contabilidad.ledmon.com
www.leecon.de
lofi.earth
magneinvestments.ch
market-hub.info
www.midlandautosales.co.uk
mkurt.dev
netcrumb.com
painel.nossacidademelhor.com
not-thing.net
web.ondagoapp.com
orama-zuri.com
paolopasqualin.it
patchdiff.lol
traiteur.jules-et-john.paymytable.com
pearlxplore.com
authtest.platenger.com
kaapaethanolcommodities.portal.plenadata.com
aprovei.quitaboletos.com.br
www.remotevitalsigns.com
rgmtaxmaster.com
ruanthai.fr
www.saycheesebistrot.com
app.scanafy.de
scanhits.com
www.schmetterlingschule.de
platform.segna.io
www.senghout.com
birthday.sohcah.dev
game-db.sonoapp.page
beta.sosomacarons.com
www.sphrei.com
www.steveford.codes
strangedazemusic.com
www.swapple.gg
admin.testimonialdonut.com
theboostalent.com
thecalm.dev
www.theessenceworld.com
www.tilzmatictech.com
tinhk.com
www.titanoid.com
tomer-bi.com
api.dev.upnext.in
admin.valianceworld.com
verbraucher-gesundheit.de
www.vivocontento.com
www.wandb.ai
pm.wesselbuchling.com
webplayer-sub.wexer.com
www.wildfireone.com
www.womanintheroom.com
wordwormgame.com
xenon.digital
www.yashashomestay.com
yongjie.dev
ypage.pl
admin.ytsv.vn
link.zaynaxhealth.com
url.zizr.id
share.zoom.com.br
zorrobyte.io
Other domains in certificate