SSL Certificate Analysis for rdweb.amgkey.com - Security Grade & TLS Configuration

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=webparty.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

February 07, 2026

Valid Until

May 08, 2026 76 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

5E:50:AB:E5:A2:F3:44:7D:F3:40:EE:8D:F2:2D:04:33:65:82:11:C9:14:E1:B2:B7:20:8A:91:92:F4:D0:40:68

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

amgkey.com *.amgkey.com *.m.amgkey.com

Other domains in certificate

0808.it *.0808.it *.demo.0808.it *.forecast.0808.it

alysse.com *.alysse.com *.help.alysse.com *.owbgrremote.alysse.com *.test45.alysse.com

blondina.com *.blondina.com *.m.blondina.com

bqg567.com *.bqg567.com *.m.bqg567.com *.ww25.bqg567.com *.www.bqg567.com

careerclimbpath.xyz *.careerclimbpath.xyz *.rczhl.careerclimbpath.xyz *.yhue2.careerclimbpath.xyz

choivibet.click *.choivibet.click *.preview.choivibet.click

*.board.coursear.com coursear.com *.coursear.com *.dashboard.coursear.com *.insight.coursear.com *.integration.coursear.com *.production.coursear.com *.visualize.coursear.com *.w.coursear.com

dcleor.com *.dcleor.com

*.cpanel.gomommy.pro gomommy.pro *.gomommy.pro

*.al.gorv.com.br *.carutapera-ma.gorv.com.br gorv.com.br *.gorv.com.br *.parnamirim.gorv.com.br *.trabalho.gorv.com.br

*.admin.kitcko.com *.api.kitcko.com *.app.kitcko.com *.dev.kitcko.com kitcko.com *.kitcko.com *.security.kitcko.com *.ww12.kitcko.com *.wwww.kitcko.com

*.comune.loreggia.it loreggia.it *.loreggia.it

*.blogs.nytomes.com *.cooking.nytomes.com *.health.nytomes.com *.homedelivery.nytomes.com *.hostmaster.nytomes.com *.mobile.nytomes.com nytomes.com *.nytomes.com *.ww25.nytomes.com

*.access.rwav.com *.pipeline.rwav.com *.qbqm.rwav.com rwav.com *.rwav.com *.ww16.rwav.com *.zq.rwav.com

*.hostmaster.suveates.com suveates.com *.suveates.com *.video.suveates.com *.ww1.suveates.com *.ww16.suveates.com *.ww25.suveates.com *.ww38.suveates.com *.wwww.suveates.com

texasfastdraw.com *.texasfastdraw.com *.vpn2.texasfastdraw.com

*.random.webparty.it webparty.it *.webparty.it