Open
Cached
·
just now
77/100
SECURITY SCORE
Certificate Information
Subject
CN=tls.automattic.com
Issuer
C=US, O=Let's Encrypt, CN=E7
Valid From
January 13, 2026
Valid Until
April 13, 2026
80 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
3A:36:62:40:A9:F6:FE:85:6E:F8:52:95:B6:24:10:20:98:51:F9:D4:4C:F6:8F:CA:0A:65:0C:97:AF:E9:02:FE
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Present
max-age=31536000
Content-Security-Policy
Missing
Not configured
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Increase HSTS max-age to at least 1 year and add includeSubDomains
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
51 domains
tamara-mcwilliam.com
anonve.com
www.anonve.com
tls.automattic.com
vidadiaria.car.blog
www.vidadiaria.car.blog
cigarnewbie.com
www.cigarnewbie.com
amazingbits.code.blog
www.hackmemars.code.blog
soranoiro.family.blog
www.soranoiro.family.blog
littlerainbowsfashions.fashion.blog
www.littlerainbowsfashions.fashion.blog
www.onlineshoes.fashion.blog
hiteckygamer.game.blog
www.matchadtestingcyril.game.blog
www.proplayer123.game.blog
www.sportsdaily1.game.blog
www.hal-vorfjerm-eros.com
www.infinitymoonproductions.com
joy-in-my-journey.blog
danabansospkh2025.law.blog
www.danabansospkh2025.law.blog
maisongroup.net
www.zdhit.music.blog
zdhit.music.blog
nostalgicfuture.jp
michealbrendas.poetry.blog
sophiecooks.com
www.sophiecooks.com
stepfai.com
talkingcuban.com
www.talkingcuban.com
tecappeal.com
www.tecappeal.com
alexcomputing.tech.blog
aniketrtechcom.tech.blog
falisaaadlandz62.tech.blog
omicron.tech.blog
tendalogintechnology.tech.blog
www.diyartechnologies.tech.blog
www.joineredinburgh.tech.blog
www.les.tech.blog
www.omicron.tech.blog
terralicious.org
www.terralicious.org
www.terryrobc.com
the-center-of-the-universe.com
wininternational.co.jp
www.wininternational.co.jp
Other domains in certificate