SSL Certificate Analysis for pgoot.cc - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=pgoot.cc

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 26, 2026

Valid Until

May 27, 2026 89 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

B8:29:D8:1D:B4:C1:5E:2E:18:07:82:8F:72:F1:F5:B0:53:00:4B:E0:67:AA:5D:09:49:90:24:F1:BB:3C:1D:28

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

pgoot.cc *.pgoot.cc

Other domains in certificate

addyouractives.com *.addyouractives.com *.apps.addyouractives.com *.backend.addyouractives.com *.cms.addyouractives.com *.dash.addyouractives.com *.explore.addyouractives.com *.hostmaster.addyouractives.com *.login.addyouractives.com *.random.addyouractives.com *.remote.addyouractives.com *.stage.addyouractives.com *.support.addyouractives.com *.testing.addyouractives.com

*.89wkp.anticxz.xyz anticxz.xyz *.anticxz.xyz *.catalog.anticxz.xyz *.d.anticxz.xyz *.dns-shop.anticxz.xyz *.farpost.anticxz.xyz *.lalafo1.anticxz.xyz *.media.anticxz.xyz *.megamarket.anticxz.xyz *.ozon.anticxz.xyz

*.448.parklanenursinghome.org *.email.parklanenursinghome.org *.illegale-arbeid.parklanenursinghome.org parklanenursinghome.org *.parklanenursinghome.org

*.115.rokuapp.com *.138.rokuapp.com *.144.rokuapp.com *.145.rokuapp.com *.149.rokuapp.com *.181.rokuapp.com *.83.rokuapp.com *.audm.rokuapp.com *.blog2.rokuapp.com *.bstnma.rokuapp.com *.com.rokuapp.com *.compute.rokuapp.com *.cust.rokuapp.com *.driveandlisten.rokuapp.com *.drivenlisten.rokuapp.com *.he.rokuapp.com *.herouapp.rokuapp.com *.hostmaster.rokuapp.com *.lightspeed.rokuapp.com *.longmingdns.rokuapp.com *.ludicrous.rokuapp.com *.netfront.rokuapp.com *.random.rokuapp.com rokuapp.com *.rokuapp.com *.rustore.rokuapp.com *.sitemap.rokuapp.com *.toocle.rokuapp.com *.upc-f.rokuapp.com *.us-east-1.rokuapp.com *.ww25.rokuapp.com

*.0054ec8f-69c3-49c1-9c45-bc04752a7147.verg.be *.3g.verg.be *.622.verg.be *.admin.verg.be *.are.verg.be *.azurepipelines.verg.be *.bbs.verg.be *.dan.verg.be *.dashbord.verg.be *.emv1.verg.be *.g.verg.be *.ipv6.verg.be *.login.verg.be *.m.verg.be *.magento.verg.be *.mail1.verg.be *.mx2.verg.be *.pay.verg.be *.recovery.verg.be *.remote.verg.be verg.be *.verg.be *.vpn.verg.be *.ww12.verg.be *.ww2.verg.be *.ww38.verg.be