SSL Certificate Analysis for rdweb.itforensics.org - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=js001.com.cn

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

May 02, 2026

Valid Until

July 31, 2026 47 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

95:B5:37:BE:F5:9C:A2:52:77:CA:67:AA:49:9C:3B:2F:8E:E3:E5:12:68:B0:C5:6A:0E:88:83:B3:B4:BE:A6:B5

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

itforensics.org *.itforensics.org *.02e72efc-f304-4d0d-ae76-30bef849146c.itforensics.org *.1ac297cc-1082-44f0-a118-497bf1e6044e.itforensics.org *.apps.itforensics.org *.cloud.itforensics.org *.mail.itforensics.org *.new.itforensics.org *.portal.itforensics.org *.rdp.itforensics.org *.rds1.itforensics.org *.rdweb.itforensics.org *.remote.itforensics.org *.ts.itforensics.org *.txntrportal.itforensics.org *.www.itforensics.org

Other domains in certificate

anytimeauctiontreasures.com *.anytimeauctiontreasures.com *.git.anytimeauctiontreasures.com *.m.anytimeauctiontreasures.com *.wp.anytimeauctiontreasures.com

beunique.studio *.beunique.studio *.fl3xx.beunique.studio

bodytonus.bio *.bodytonus.bio *.ww25.bodytonus.bio

carissa.com.au *.carissa.com.au *.ww25.carissa.com.au

casinoclub7v1.com *.casinoclub7v1.com *.wallet.casinoclub7v1.com *.ww25.casinoclub7v1.com

crikul.my *.crikul.my

emrelektrikmuhendislik.com *.emrelektrikmuhendislik.com *.ww25.emrelektrikmuhendislik.com

*.1zebuel.js001.com.cn *.2kt1zhb.js001.com.cn *.2o69vzm.js001.com.cn *.gun2lu.js001.com.cn js001.com.cn *.js001.com.cn *.m.js001.com.cn *.uw3zhc.js001.com.cn

*.autoconfig.mobilestairlifts-pt.site *.checkout.mobilestairlifts-pt.site mobilestairlifts-pt.site *.mobilestairlifts-pt.site *.notexistsapi.mobilestairlifts-pt.site

*.m.pacar88.click pacar88.click *.pacar88.click *.test-api.pacar88.click

presidenwin88b.click *.presidenwin88b.click

proinvestor.pro *.proinvestor.pro *.ww38.proinvestor.pro

*.api.recoverstrategies.com *.backup.recoverstrategies.com *.ccalg7.recoverstrategies.com *.dev.recoverstrategies.com recoverstrategies.com *.recoverstrategies.com *.uat.recoverstrategies.com *.vpn.recoverstrategies.com *.www.recoverstrategies.com

sport-center-isf.com *.sport-center-isf.com *.ww25.sport-center-isf.com