SSL Certificate Analysis for blog.progressive.cloud - Security Grade & TLS Configuration

Open Cached · just now

79/100 SECURITY SCORE

Certificate Information

Subject

CN=francoescamillatour.com

Issuer

C=US, O=Let's Encrypt, CN=R12

Valid From

February 02, 2026

Valid Until

May 03, 2026 83 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

BD:40:1F:D9:17:6F:79:96:FE:68:2C:97:AE:9E:30:EE:59:84:FA:33:2F:93:45:9A:F2:EB:6F:30:1A:49:A5:20

Alternative Names

90 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured

X-Frame-Options

Good

SAMEORIGIN

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

90 domains

progressive.cloud *.progressive.cloud

Other domains in certificate

francoescamillatour.com *.francoescamillatour.com

gliinsospettabili.com *.gliinsospettabili.com

historyofsingapore.com *.historyofsingapore.com

hymfy.pro *.hymfy.pro

informacase.com *.informacase.com

inmacchina.com *.inmacchina.com

intelesoft.net *.intelesoft.net

jarina.com *.jarina.com

jbyipe.pro *.jbyipe.pro

jijou.com *.jijou.com

laccata.com *.laccata.com

lemortgage.com *.lemortgage.com

materassogonfiabile.com *.materassogonfiabile.com

medassisted.rehab *.medassisted.rehab

mercatovalori.com *.mercatovalori.com

monolocaliaffittasi.com *.monolocaliaffittasi.com

montegrino.com *.montegrino.com

montemarenzo.com *.montemarenzo.com

neutralita.com *.neutralita.com

newconcept.travel *.newconcept.travel

nhda.net *.nhda.net

niardo.com *.niardo.com

ninjadeath.com *.ninjadeath.com

nuoveapplicazioni.com *.nuoveapplicazioni.com

oh-make-pros.com *.oh-make-pros.com

opiniones.net *.opiniones.net

opwemj.pro *.opwemj.pro

pabukuu.com *.pabukuu.com

peritielettronici.com *.peritielettronici.com

plsphf.tv *.plsphf.tv

pornchatvideos.xyz *.pornchatvideos.xyz

porntubeclub.xyz *.porntubeclub.xyz

protezioneindividuale.com *.protezioneindividuale.com

reclami.net *.reclami.net

registrare-dominio.com *.registrare-dominio.com

rinviare.com *.rinviare.com

ristorantidicarne.com *.ristorantidicarne.com

ritrovatevi.com *.ritrovatevi.com

sanpietrodifeletto.com *.sanpietrodifeletto.com

santa-fe.com *.santa-fe.com

search4home.com *.search4home.com

selectioni.com *.selectioni.com

snvdautomation.com *.snvdautomation.com

spasmodic.com *.spasmodic.com