Open
Cached
·
just now
78/100
SECURITY SCORE
Certificate Information
Subject
CN=iriskingston.com
Issuer
C=US, O=Google Trust Services, CN=WR3
Valid From
September 23, 2025
Valid Until
December 22, 2025
31 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
90:E9:18:98:9E:94:F5:3A:23:E9:43:A6:F5:C0:2D:57:B3:21:00:7D:DD:1A:D4:AC:71:60:2D:72:4B:7D:A9:5B
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
Content-Security-Policy
Weak
require-trusted-types-for; report-uri; object-src; +3 more
require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport,script-src 'report-sample' 'nonce-gVrPj22WjfQZiodORAv0iw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self'
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Present
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Significantly strengthen CSP directives
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
100 domains
currys.co
risenrollwarsaw.order.3bapps.com
ict.academelms.com
aisportswatch.eu
chally.albygone.it
allancamposcv.com
analytica-usa.com
www.anime.cards
d.deeplink.appjusto.com.br
www.aptimithra.com
arriveorigin.com
www.awni.ai
www.beatriceilsaporedellarte.com
www.beyubyzen.com
www.brightad.in
report.democx.bycopilot.com
casablancasfood.com
apharma.com.pl
iscz.staging.admin.convercus.io
crunchy-app.com
www.danielperezparada.com
desikhelshuru.com
doglog.tech
www.eventman.live
www.executiveitsupport.com.au
dev.finishlineresultscoaching.com
forturatech.com
link.fruitsfamily.com
devx.getsplashpad.com
gutts.mx
mywork.hrmonitor.com
ast.huangyouci.com
hubbe.guru
repense.user-auth-dev.huddlebrasil.com
building.hungryforjesus.com
app.hypacard.com
ibirapitangaimoveis.com
internship.ibranchrecruiters.com
core.inavinfotech.in
indosweetjn.com
iriskingston.com
ufarm-dev.itrace.app
www.karlkriger.com
mgt.keynexis.com
share.kissfm.de
lewboxing.com
aero-ics-calendar-sync.licarth.com
linda-lmft.com
luova-gifting.com
center.gamingboard.luxov-connect.com
get.manifestfinancial.com
legal.manifestfinancial.com
www.manzarhaq.com
visit.microsofttheater.com
auth.mindos.com
mocket.co
learnenglish.mythyaverse.com
myworkportal.ie
www.shaper.napalmcustom.com
nighttimedrive.band
app.notefield.com
octavioanalytics.com.br
www.olokun.com.mx
www.omonayajo.com
ofsc20202021.ondagoapp.com
oorjadevotion.com
fundacionlilianabodoc.org.ar
share.parcoapp.com
www.phhome.in
app.pocket-study.com
auth.stagingapp.precisionprogolf.com
online-theory.prettysailing.com
printbeanafrica.com
www-qa.productioncliq.com
www.projectdataflow.com
www.qualityvet.eu
schenider.quant-layer.com
ranexis.com
whatsapp.reachsms.com
app.rentalboatsafety.com
lightbulb.shemarlindie.com
www.soundlogicaz.com
secaficlimatisation-app.speakylink.com
specpal.dev
spoppinapp.com
www.admin.startuplogin.com
www.daniel.dev.sthima.com
beta.synkro.co
developers.teamo.io
www.technickclarke.co.uk
www.thegitaway.com
www.thesfactor.co
throttlecapital.com
www.trisurrey.com
space.unfollowing.com
unitedapp.club
www.urspayce.com
www.weddingring.mn
www.word-scramble-game.com
www.yakimacommunityaid.com
Other domains in certificate