SSL Certificate Analysis for ruschat.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=adelaid.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 04, 2026

Valid Until

May 05, 2026 84 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

C1:D7:35:A7:CD:6A:A2:D9:15:40:7A:FD:43:E7:C6:57:60:66:E3:31:1A:C2:24:D2:25:73:2E:7F:4E:B0:14:1F

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

ruschat.com *.ruschat.com *.mx.ruschat.com *.ww5.ruschat.com

Other domains in certificate

abdelrhmangazea.com *.abdelrhmangazea.com *.anyconnect.abdelrhmangazea.com *.asa.abdelrhmangazea.com *.courses.abdelrhmangazea.com *.sslvpn.abdelrhmangazea.com *.vpn1.abdelrhmangazea.com *.www.abdelrhmangazea.com

adelaid.com *.adelaid.com *.api.adelaid.com *.landing.adelaid.com *.test.adelaid.com

amarilla.com *.amarilla.com *.flecha.amarilla.com

artposter.com *.artposter.com *.hosting.artposter.com *.hpc.artposter.com

bokepgratis.com *.bokepgratis.com *.dokzdexchangecorp.bokepgratis.com *.ruhislsxzrexchangecorp.bokepgratis.com *.tv.bokepgratis.com *.vpn.bokepgratis.com

crawshaw.com *.crawshaw.com *.mail1.crawshaw.com *.mx2.crawshaw.com *.qindbxwgffapp.crawshaw.com *.ww17.crawshaw.com

*.dns.firstreputation.com firstreputation.com *.firstreputation.com

homosexualism.com *.homosexualism.com *.www.homosexualism.com

kkplus.bet *.kkplus.bet *.play.kkplus.bet

*.api.marmura.com marmura.com *.marmura.com

*.11e.o1.chat *.11l.o1.chat *.11o.o1.chat *.16t.o1.chat *.18p.o1.chat *.1bk.o1.chat *.1hf.o1.chat *.1nz.o1.chat *.1ps.o1.chat *.1q7.o1.chat *.ai.o1.chat *.dockage.o1.chat *.nginx.o1.chat o1.chat *.o1.chat *.www.o1.chat

photographframes.uk *.photographframes.uk *.staging.photographframes.uk

*.on.qoo.de *.playground-stage.qoo.de *.q.qoo.de qoo.de *.qoo.de

*.rczhl.sqlgglloud.xyz sqlgglloud.xyz *.sqlgglloud.xyz

*.mywebmail.thekramers.com thekramers.com *.thekramers.com

waldt.com *.waldt.com *.ww38.waldt.com

*.emojiscavengerhunt.withgooogle.com *.learndigital.withgooogle.com *.stitch.withgooogle.com withgooogle.com *.withgooogle.com

*.7.x1119.cc *.m.x1119.cc x1119.cc *.x1119.cc