SSL Certificate Analysis for gz.aamillwork.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=voguefabricsdalston.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

April 17, 2026

Valid Until

July 16, 2026 50 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

AE:B0:E7:C2:3B:86:14:F4:93:F9:3F:B3:F5:A8:E5:7C:5A:FB:07:62:AE:A1:6B:00:B3:D0:B7:5D:C4:4C:A3:5F

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

aamillwork.com *.aamillwork.com *.gz.aamillwork.com *.insun.aamillwork.com *.pub.aamillwork.com *.r.aamillwork.com *.random.aamillwork.com *.rgfn.aamillwork.com *.ww25.aamillwork.com

Other domains in certificate

approver.com.au *.approver.com.au *.ww25.approver.com.au

bioenergy.com.au *.bioenergy.com.au *.ww25.bioenergy.com.au

*.blog.conaliteg.com *.cdi.conaliteg.com *.com.conaliteg.com conaliteg.com *.conaliteg.com *.forum.conaliteg.com *.img.conaliteg.com *.m.conaliteg.com *.tech.conaliteg.com *.ww.conaliteg.com *.ww5.conaliteg.com

*.a.dwww.cc dwww.cc *.dwww.cc

freeletterfromsantaclaus.net *.freeletterfromsantaclaus.net *.sitemap.freeletterfromsantaclaus.net *.ww1.freeletterfromsantaclaus.net *.ww16.freeletterfromsantaclaus.net *.ww25.freeletterfromsantaclaus.net *.www.freeletterfromsantaclaus.net

freshfruitfriday.com *.freshfruitfriday.com

*.cpanel.handlowiec.com handlowiec.com *.handlowiec.com *.katalog.handlowiec.com *.videos.handlowiec.com

*.austin.housealmanac.com *.dallas.housealmanac.com housealmanac.com *.housealmanac.com *.houston.housealmanac.com *.san-antonio.housealmanac.com

kittle.co *.kittle.co

orlandogaytravel.com *.orlandogaytravel.com *.ww25.orlandogaytravel.com

*.co.samiacreation.com *.dash.samiacreation.com *.e.samiacreation.com samiacreation.com *.samiacreation.com *.stage.samiacreation.com *.ww16.samiacreation.com

*.demo.swts.club *.development.swts.club *.elk.swts.club *.insight.swts.club *.join.swts.club *.office.swts.club *.shopoffice.swts.club swts.club *.swts.club *.ww25.swts.club

*.m.terramaechattanooga.com terramaechattanooga.com *.terramaechattanooga.com

*.js.thecm.com *.jsbt.thecm.com *.library.thecm.com *.shopping.thecm.com thecm.com *.thecm.com *.ww25.thecm.com

*.media.voguefabricsdalston.com voguefabricsdalston.com *.voguefabricsdalston.com *.ww38.voguefabricsdalston.com

*.ancestors.zelltree.com *.yjj.zelltree.com zelltree.com *.zelltree.com