Open
Cached
·
just now
92/100
SECURITY SCORE
Certificate Information
Subject
CN=tls.automattic.com
Issuer
C=US, O=Let's Encrypt, CN=E7
Valid From
September 30, 2025
Valid Until
December 29, 2025
30 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
8D:68:23:1B:50:90:43:E6:05:03:72:03:91:DA:A0:2D:2E:7B:0E:C9:BE:C3:E3:46:6C:B5:93:63:4F:A4:06:50
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Weak
upgrade-insecure-requests
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(self), encrypted-media=(), fullscreen=*, geolocation=(self), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=*, picture-in-picture=*, publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=*, usb=(), xr-spatial-tracking=(), gamepad=(), serial=()
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Significantly strengthen CSP directives
CAA Records (Certificate Authority Authorization)
CAA Records
Configured
(Restricts certificate issuance)
Current Issuer
Authorized
(Matches CAA policy)
Authorized CAs
Wildcard CAs
Recommendations
- • Consider using critical flag (flags=128) for stricter CAA enforcement
- • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
Subject Alternative Names
51 domains
taggle.com.au
www.taggle.com.au
www.aninquisitivecat.com
aptekaviktorija.com
www.aptekaviktorija.com
atlasgovernmentaffairs.com
www.atlasgovernmentaffairs.com
tls.automattic.com
bereasungrak.org
www.bereasungrak.org
www.bigdesignevents.com
bkdcontactcenter.host
www.bkdcontactcenter.host
blackdiamondsequineathletes.com
www.blackdiamondsequineathletes.com
bradhil.com
www.bradhil.com
www.brentarmendinger.com
cakesbyjovanna.com
www.cakesbyjovanna.com
www.kinmom2.family.blog
2kool4.fashion.blog
www.2kool4.fashion.blog
kiffkitchen.com
www.kiffkitchen.com
soloactiva.law.blog
www.soloactiva.law.blog
sandoval80ball.movie.blog
www.sandoval80ball.movie.blog
arbc.poetry.blog
www.arbc.poetry.blog
blog.rwts.com.au
www.blog.rwts.com.au
servimaninst.com
alquimista.sport.blog
mrfousports.sport.blog
www.alquimista.sport.blog
www.mrfousports.sport.blog
floreado.tech.blog
techraghusoftw.tech.blog
www.floreado.tech.blog
www.thetrailnerds.com
timemachinescorp.com
trustk6.com
truthabouttrade.org
www.truthabouttrade.org
www.waruid.com
www.regalar.water.blog
woodwindrepairfl.com
www.zealousperformance.com
www.zlfeedme.de
Other domains in certificate