SSL Certificate Analysis for serglo.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Certificate Information

Subject

CN=rg11.cc

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 03, 2026

Valid Until

May 04, 2026 82 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

22:CD:D0:07:75:FF:55:73:F0:9B:68:03:34:10:C6:F4:72:47:B5:93:FB:C1:CD:B7:17:68:49:95:17:6B:81:60

Alternative Names

88 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

88 domains

serglo.com *.serglo.com *.anyconnect.serglo.com *.apps.serglo.com *.hostmaster.serglo.com *.login.serglo.com *.portal.serglo.com *.rdweb.serglo.com *.studentsvpn.serglo.com *.vdi.serglo.com *.vpn.serglo.com *.ww16.serglo.com *.zamid1-gp.serglo.com

Other domains in certificate

amgreadyhub.com *.amgreadyhub.com *.cb404876-2fd2-4995-af41-7d6c8f05d5cd.amgreadyhub.com *.oud.amgreadyhub.com *.webmail.amgreadyhub.com

*.61.cashbux.live *.bt.cashbux.live cashbux.live *.cashbux.live *.cd.cashbux.live *.ez.cashbux.live *.gp.cashbux.live *.ic.cashbux.live *.jd.cashbux.live *.k2.cashbux.live *.ks.cashbux.live *.pg.cashbux.live *.rd.cashbux.live *.td.cashbux.live *.wf.cashbux.live *.wp.cashbux.live

clc101.top *.clc101.top *.ww16.clc101.top *.ww84.clc101.top

*.aaa.demoplacepg.tech *.de.demoplacepg.tech demoplacepg.tech *.demoplacepg.tech *.imap.demoplacepg.tech *.ios.demoplacepg.tech *.root.demoplacepg.tech *.stage.demoplacepg.tech *.support.demoplacepg.tech *.zoom.demoplacepg.tech

gelirr.com *.gelirr.com *.whm.gelirr.com *.www.gelirr.com

lifetime.studio *.lifetime.studio *.ww25.lifetime.studio

*.cpanel.of-health.com of-health.com *.of-health.com *.test.of-health.com

*.api.quaint.world *.m.quaint.world quaint.world *.quaint.world *.web.quaint.world

*.96vlv1.rg11.cc rg11.cc *.rg11.cc

shuakenib.com *.shuakenib.com *.ww.shuakenib.com *.ww25.shuakenib.com

*.acceso.thepixy.com *.asa.thepixy.com *.demo.thepixy.com *.online.thepixy.com thepixy.com *.thepixy.com

*.701qjix28v2ody0yn1ij9ehem.userclass.com userclass.com *.userclass.com *.vpn.userclass.com

*.2afsi.uyajkvbt.xyz *.8ywboz7.uyajkvbt.xyz *.bk7k0.uyajkvbt.xyz *.dc4ky.uyajkvbt.xyz uyajkvbt.xyz *.uyajkvbt.xyz *.ww25.uyajkvbt.xyz