onto.app

.app crawl

First seen 2026-04-18 · Last seen 2026-05-12 · ok HTTP/1.1 200 1485 ms crawled 2026-05-12

SG · 35.240.178.219 · AS396982 Google LLC

Reputation 100/100

Classifying

HTML metadata

Title: ONTO
Description: Blockchain & Web3 at your fingertips
Language: en
Canonical: https://onto.app

Open Graph

url: https://onto.app
title: ONTO
description: Blockchain & Web3 at your fingertips

Technology

Server: nginx

Analytics

Google Tag Manager

Third-party hosts loaded (1)

www.googletagmanager.com×2

Social

Contact

Email

contact@onto.app

DNS records live

NS

ns-183-a.gandi.net
ns-217-b.gandi.net
ns-76-c.gandi.net

MX

10 mx1.privateemail.com
10 mx2.privateemail.com

TXT

ywxnbjjrjs6675lqqmd25lc0r191lglb
google-site-verification=tOq4i0yq-NUaWPSbGYgoJDphYIsMYakYUiASN9tfXZM
223b3d94-1321-4d4a-a1cc-43a4efcf96de=646d48c32049131d415b983d31bbb82e9f85a619af24cd5fef06db3531b2f5ad

Email authentication strong

SPF

v=spf1 include:spf.privateemail.com ~all

softfail (~all)

DMARC

v=DMARC1; p=reject; rua=mailto:contact@onto.app

policy: reject (enforced)

DKIM

default: v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7BaHujKcK8cgrSvYzkGRUVd9MEMy7AxizykBbM16n2I8vLg3WAEYUSKNWGBg4w+6NoeEfbBkPFJqztt…

selectors probed

Certificate (current)

from 2026-04-14 to 2026-07-13

Expires in 54 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 55/100 Checked live page: https://onto.app/

present

content-security-policy
x-frame-options

findings

missing HSTS
CSP uses wildcard sources
missing content type protection
missing Referrer Policy
missing Permissions Policy

Header values

x-frame-options: DENY
content-security-policy: frame-ancestors 'self' onto.app *.onto.app

Links to (5)

Linked from (1)

ont.io×2