Open
Cached
·
just now
76/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
CN=iclarity.tech
Issuer
C=US, O=Let's Encrypt, CN=R13
Valid From
March 24, 2026
Valid Until
June 22, 2026
38 days
Public Key
RSA
4096 bit
Strong
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
B8:6D:D8:A5:C0:F6:BA:8A:F8:90:2A:FC:2D:EC:6F:7D:55:55:0F:3B:4C:B5:4F:F4:21:E2:3A:CD:B8:0D:BA:D0
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Strict-Transport-Security header with max-age of at least 1 year
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
90 domains
doglovers.it
*.doglovers.it
*.apetfortwo.doglovers.it
*.api.doglovers.it
*.arfdating.doglovers.it
*.bi.doglovers.it
*.data.doglovers.it
*.demo.doglovers.it
*.incontriconcani.doglovers.it
*.metric.doglovers.it
*.metrics.doglovers.it
*.superset.doglovers.it
*.www.doglovers.it
avex.it
*.avex.it
*.backend.avex.it
*.hostmaster.avex.it
*.remote.avex.it
desoxythymidin.de
*.desoxythymidin.de
fde.com.au
*.fde.com.au
*.mx.fde.com.au
*.www.fde.com.au
*.admin.iclarity.tech
*.aging.iclarity.tech
*.api.iclarity.tech
*.app.iclarity.tech
*.assets.iclarity.tech
*.backup.iclarity.tech
*.bezmgbackup.iclarity.tech
*.demo.iclarity.tech
*.dev.iclarity.tech
*.e46d3c7b-453d-4761-9025-bd1a270b1cb4.iclarity.tech
*.hostmaster.iclarity.tech
iclarity.tech
*.iclarity.tech
*.mvqvdemo.iclarity.tech
*.new.iclarity.tech
*.staging.iclarity.tech
*.uat.iclarity.tech
*.w.iclarity.tech
magazinesplum.com
*.magazinesplum.com
*.airliquidehealthcare.nhs.pizza
*.app.nhs.pizza
*.assets.nhs.pizza
*.blog.nhs.pizza
*.cambscommunityservices.nhs.pizza
*.demo.nhs.pizza
*.dev.nhs.pizza
*.greenbrook.nhs.pizza
*.highstreetsurgerylowestoft.nhs.pizza
*.hostmaster.nhs.pizza
nhs.pizza
*.nhs.pizza
*.ouh.nhs.pizza
*.staging.nhs.pizza
*.swaveseysurgery.nhs.pizza
*.598bedbb-9bd2-453f-be28-631496272f07.positive.best
*.69622f5d-3803-40f1-b530-b16e963be2bd.positive.best
*.admin.positive.best
*.api.positive.best
*.app.positive.best
*.arxrndev.positive.best
*.assets.positive.best
*.backup.positive.best
*.cd436bae-9eed-4c65-b7a9-15666395e5e8.positive.best
*.demo.positive.best
*.dev.positive.best
*.fd6d5260-8133-4e11-b51f-f1532d99fe2b.positive.best
*.files.positive.best
*.ftp.positive.best
*.happy.positive.best
*.hostmaster.positive.best
*.m.positive.best
*.mail.positive.best
*.pop.positive.best
positive.best
*.positive.best
*.smtp.positive.best
*.staging.positive.best
*.summary.positive.best
*.test.positive.best
*.uat.positive.best
*.www.positive.best
*.www1.positive.best
*.m.xarmoron.com
xarmoron.com
*.xarmoron.com
Other domains in certificate