Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tls.automattic.com
Issuer
C=US, O=Let's Encrypt, CN=E7
Valid From
December 09, 2025
Valid Until
March 09, 2026
54 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
DA:A6:10:6F:3B:E3:57:A7:14:FE:AC:DD:E5:08:29:20:44:94:AB:60:62:37:66:86:AA:0D:CB:ED:23:AD:12:A6
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
51 domains
musingsof2creativeminds.com
tls.automattic.com
anshpariahr.music.blog
bic.music.blog
corpete.music.blog
dividere.music.blog
everydayblog.music.blog
fifatwenty.music.blog
fumo.music.blog
naveedsinging.music.blog
new.music.blog
qui-quae-esseblog.music.blog
rasati.music.blog
recusandae-praesentium-ut-cumblog.music.blog
scalextric.music.blog
shorthair.music.blog
soiree.music.blog
www.clementschoi5.music.blog
www.codeword.music.blog
www.collegue.music.blog
www.ebattles.music.blog
www.estrellado.music.blog
www.fascinator.music.blog
www.iste-adipisci-voluptatibusblog.music.blog
www.musica-urbana.music.blog
www.musicalmusings.music.blog
www.musicaparajovenes.music.blog
www.naps.music.blog
www.prato.music.blog
www.quae-odio-est-quaeblog.music.blog
www.sleepingpad.music.blog
www.sultrysingles.music.blog
music4words.com
www.music4words.com
musicaficionado.blog
musicformediauk.com
www.musicformediauk.com
musicisageless.com
www.musicisageless.com
www.musiclivelocallincoln.com
musicmanagementfordance.com
www.musicmanagementfordance.com
musicmanmagazine.com
musicmattersgb.com
www.musicmattersgb.com
musicof25.com
www.musig.ca
www.musingslibrarian.blog
saudes.blog
www.thepenismightierthanthesword.blog
tuautoideal.mx
Other domains in certificate