SSL Certificate Analysis for m.self.com - Security Grade & TLS Configuration

Open Cached · just now

68/100 SECURITY SCORE

Certificate Information

Subject

CN=condenast.com

Issuer

C=US, O=Amazon, CN=Amazon RSA 2048 M01

Valid From

October 10, 2025

Valid Until

November 08, 2026 309 days

Public Key

RSA 2048 bit Adequate

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

D4:0B:F3:BB:4C:1D:CE:BB:35:FC:5B:8F:01:F4:E4:0D:74:3B:41:55:42:AF:23:42:34:00:5B:9A:39:6B:3A:D7

Alternative Names

99 domains

Security Configuration

TLS Protocols

TLS 1.0 TLS 1.1 TLS 1.2

Forward Secrecy

Limited (Check cipher configuration)

Warnings

• TLS 1.3 is not supported (recommended)
• TLS 1.1 is deprecated and should be disabled
• TLS 1.0 is deprecated and should be disabled

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

99 domains

self.com *.self.com

Other domains in certificate

condenast.com

newyorker.com *.newyorker.com

nextworkcon.com *.nextworkcon.com

nutritiondata.com *.nutritiondata.com

nyc2bermuda.com *.nyc2bermuda.com

ouse.co *.ouse.co

pitchfork.com *.pitchfork.com

pitchforkmusic.com *.pitchforkmusic.com

pitchforkmusicfestival.com *.pitchforkmusicfestival.com

revistaad.es *.revistaad.es

seat2b.biz *.seat2b.biz

selfhealthykitchen.com *.selfhealthykitchen.com

shopvogue.tv *.shopvogue.tv

smittendaily.com *.smittendaily.com

sobasically.com *.sobasically.com

stoneanddangerous.com *.stoneanddangerous.com

stonedanddangerous.com *.stonedanddangerous.com

tatler.co.uk *.tatler.co.uk

tatler.com *.tatler.com

tatler.uk *.tatler.uk

techobserver.biz *.techobserver.biz

teenvogue.com *.teenvogue.com

teenvogueallacess.com *.teenvogueallacess.com

teenvoguedreambig.com *.teenvoguedreambig.com

teenvoguefashionuniversity.com *.teenvoguefashionuniversity.com

teenvoguespromo.com *.teenvoguespromo.com

theglobalgentleman.com *.theglobalgentleman.com

thelovemagazine.co.uk *.thelovemagazine.co.uk

them.us *.them.us

traveller.co.uk *.traveller.co.uk

traveller.uk *.traveller.uk

truth.travel *.truth.travel

vanityfair.co.uk *.vanityfair.co.uk

vanityfair.com *.vanityfair.com

vanityfair.fr *.vanityfair.fr

vanityfairart.com *.vanityfairart.com

vegaschatter.com *.vegaschatter.com

vf.com *.vf.com

vfawards.com *.vfawards.com

vffounders.com *.vffounders.com

vffoundersfair.com *.vffoundersfair.com

vfhive.com *.vfhive.com

vfhwd.com *.vfhwd.com

vfsummit.com *.vfsummit.com

vfvanities.com *.vfvanities.com

vogue.co.uk *.vogue.co.uk

vogue.com *.vogue.com

vogue.com.mx *.vogue.com.mx

vogue.fr *.vogue.fr