Open
Cached
·
just now
98/100
SECURITY SCORE
Certificate Information
Subject
CN=portal.itworks.nyc
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
January 06, 2026
Valid Until
April 06, 2026
76 days
Public Key
RSA
2048 bit
Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
E9:2C:0D:03:21:5B:00:63:B8:3A:AB:B2:E5:8D:96:58:B7:1E:63:22:A5:46:4D:E2:3F:77:06:F0:9D:E3:A6:03
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Good
max-age=63072000;includeSubDomains
Content-Security-Policy
Strong
default-src; script-src; style-src; +6 more
default-src 'self' https://static.zohocdn.com ;script-src 'none' ;style-src 'self' https://static.zohocdn.com ;img-src 'self' https://static.zohocdn.com ;object-src 'none' ;base-uri 'self' ;form-action 'none' ;report-uri https://logsapi.zoho.com/csplog?service=support;report-to https://logsapi.zoho.com/csplog?service=support
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), ambient-light-sensor=(), bluetooth=(), compute-pressure=(), document-domain=(), encrypted-media=(), gamepad=(), gyroscope=(), hid=(), magnetometer=(), midi=(), screen-wake-lock=(), serial=(), speaker-selection=(), usb=(), xr-spatial-tracking=()
Recommendations
- • Consider adding 'preload' to HSTS for maximum security
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • You have authorized 4 CAs - consider limiting to only the CAs you actively use
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
- • Consider adding 'issuewild' records to control wildcard certificate issuance
Subject Alternative Names
65 domains
support.cbont.com
support.2dogdigital.com
support.5030media.com
portal.abhinav.com
helpdesk.acsys.com
support.ahsworldwide.org
desk.aidjuris.com
support.ambitechstrous.com
fohr.appfire.com
cs.avjet.ca
help.bengtzengroup.com
cs.branddevelopers.co.nz
desk.brasiline.com.br
support.bvnair-usa.com
support.callocean.com
helpcenter.castbox.fm
support.collierfiber.com
support.memf.com.sa
destek.b-fit.com.tr
support.damianknowles.com
support.dennyaustin.com
it.ecocert.ca
servicedesk.esentry.xyz
support.etilux.be
desksupport.everglades.services
support.familypeacecenter.org
help.formslogic.us
support.gosafersecurity.com
helpdesk.highcomm.com
ahltvsupport.hockeytech.com
htvsupport.hockeytech.com
support.hyficleaning.com
support.inkstring.com
soporte.intelego.pe
support.isvalley.com
portal.itworks.nyc
support.kacific.com
support.kakr.ai
support.keyrusdigital.co.za
support.labspot.com
support.magnifiedship.com
help.mitipi.com
support.mo-rs.com
support.multiplyinggood.org
financesupport.naf.org
support.nextgensoftware.solutions
cycleprosupport.rukusfranchise.com
studiosupport.rukusfranchise.com
support.smarthomesentry.com
desk.stolztele.com
portal.tekologyinc.com
helpdesk.telnovo.net
support.telnovo.net
assistenza.trexya.it
support.tvshop.co.nz
support.tvshop.com.au
it.uceap.universityofcalifornia.edu
portalhelp.uceap.universityofcalifornia.edu
webhelp.uceap.universityofcalifornia.edu
clientsupport.urbancomtech.com
support.vcast.net
support.viaelo.com
support.voiptology.com
helpdesk.vortexiq.ai
help.yapperoo.com
Other domains in certificate