SSL Certificate Analysis for hostmaster.iclaspro.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=pelisplay.xyz

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 12, 2026

Valid Until

August 10, 2026 61 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

86:8F:CB:66:65:8E:80:82:D5:FC:FC:45:D1:C8:9E:97:03:F8:C4:4F:C9:64:57:63:59:A1:CD:00:0E:D4:C7:F7

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

iclaspro.com *.iclaspro.com *.admin.iclaspro.com *.app.iclaspro.com *.enterprise.iclaspro.com *.hostmaster.iclaspro.com *.ww25.iclaspro.com

Other domains in certificate

crosstowntees.com *.crosstowntees.com *.shop.crosstowntees.com *.ww38.crosstowntees.com

*.aziiz.da94.com da94.com *.da94.com

*.consilium.eurpoa.eu *.easa.eurpoa.eu *.ec.eurpoa.eu *.ema.eurpoa.eu *.eulisa-test.eurpoa.eu *.eur-lex.eurpoa.eu *.eurojust.eurpoa.eu *.europarl.eurpoa.eu eurpoa.eu *.eurpoa.eu

faancyfashion.com *.faancyfashion.com

*.demo.hackfbaccountlive.com hackfbaccountlive.com *.hackfbaccountlive.com *.old.hackfbaccountlive.com *.pipeline.hackfbaccountlive.com *.qa.hackfbaccountlive.com *.store.hackfbaccountlive.com *.superset.hackfbaccountlive.com *.ts.hackfbaccountlive.com *.wss.hackfbaccountlive.com *.ww25.hackfbaccountlive.com

insurancepremium.ca *.insurancepremium.ca *.m.insurancepremium.ca

keenanevans.com *.keenanevans.com *.random.keenanevans.com

keobongda.net *.keobongda.net *.random.keobongda.net *.ssh.keobongda.net *.ww38.keobongda.net *.www.keobongda.net

*.demo.logisticsville.com logisticsville.com *.logisticsville.com *.random.logisticsville.com *.ww17.logisticsville.com

mc88.life *.mc88.life

nelobu.com *.nelobu.com *.ww25.nelobu.com

*.api.pelisplay.xyz *.m.pelisplay.xyz pelisplay.xyz *.pelisplay.xyz

*.api.platform8games.com platform8games.com *.platform8games.com

probik.pro *.probik.pro

*.node01.sapphiredtx.com *.portal.sapphiredtx.com sapphiredtx.com *.sapphiredtx.com

slot138cash.vip *.slot138cash.vip *.u2p990.slot138cash.vip

tatiana.life *.tatiana.life

the-new-inn.co.uk *.the-new-inn.co.uk *.ww25.the-new-inn.co.uk

*.ej3r8hsnng.trackyourproperty.com trackyourproperty.com *.trackyourproperty.com

vocalremover.info *.vocalremover.info

webb.life *.webb.life

*.api.wiflix.bio wiflix.bio *.wiflix.bio