SSL Certificate Analysis for amalgams.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=hynykeebe2.com

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

January 15, 2026

Valid Until

April 15, 2026 49 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

63:E4:EC:4D:52:57:BF:EC:85:FA:7B:6C:63:85:8C:2C:28:41:CD:30:2B:86:69:F5:3E:F7:15:57:DF:52:20:4C

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

amalgams.com *.amalgams.com *.usenet.amalgams.com

Other domains in certificate

adszx.pro *.adszx.pro *.comland1.adszx.pro *.land1.adszx.pro *.ws.adszx.pro *.wss.adszx.pro

*.apple.candybox.to *.apricot.candybox.to candybox.to *.candybox.to *.caramel.candybox.to *.cinamon.candybox.to *.coconut.candybox.to *.grape.candybox.to *.green.candybox.to *.honey.candybox.to *.lemon.candybox.to *.milk.candybox.to *.orange.candybox.to *.pink.candybox.to *.plum.candybox.to *.soda.candybox.to *.toplum.candybox.to *.wildberry.candybox.to *.ww16.candybox.to *.yellow.candybox.to

chloroxpool.com *.chloroxpool.com *.ww25.chloroxpool.com

cici4djp.cc *.cici4djp.cc

frescoynatural.com *.frescoynatural.com

googleflihts.com *.googleflihts.com

heartlandvacationrentals.com *.heartlandvacationrentals.com *.ww25.heartlandvacationrentals.com

heleneabicair.com.au *.heleneabicair.com.au *.server.heleneabicair.com.au

hynykeebe2.com *.hynykeebe2.com

*.alpha.indeedcareers.com *.cicd.indeedcareers.com indeedcareers.com *.indeedcareers.com *.pipeline.indeedcareers.com

*.29155.keepwifi.com keepwifi.com *.keepwifi.com

kutanaknife.com *.kutanaknife.com *.random.kutanaknife.com

*.hostmaster.metmseum.org *.hotfix.metmseum.org metmseum.org *.metmseum.org *.random.metmseum.org *.wildcard.metmseum.org *.www.metmseum.org

ozhukarai.in *.ozhukarai.in

*.dns.pixobay.com *.hostmaster.pixobay.com *.mx7.pixobay.com pixobay.com *.pixobay.com *.www.pixobay.com

psgg88.club *.psgg88.club *.sitemap.psgg88.club *.www.psgg88.club

stylish.cm *.stylish.cm

theyearbookordercenter.com *.theyearbookordercenter.com

*.edu.utusan.com *.m.utusan.com utusan.com *.utusan.com *.ww17.utusan.com *.www.utusan.com

*.mg.weallsave.com.au weallsave.com.au *.weallsave.com.au