SSL Certificate Analysis for ausdevtemp.sproutmortgage.com - Security Grade & TLS Configuration

Open Cached · just now

76/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1

Let's Encrypt

Certificate Information

Subject

CN=apology.it

Issuer

C=US, O=Let's Encrypt, CN=R13

Valid From

May 16, 2026

Valid Until

August 14, 2026 64 days

Public Key

RSA 4096 bit Strong

Signature Algorithm

SHA256-RSA

SHA-256 Fingerprint

06:EC:DE:43:F8:58:7A:E1:D4:7E:17:ED:58:4B:5B:AF:68:37:EB:26:32:A8:AE:46:E7:AA:BA:32:8B:3A:C3:EC

Alternative Names

89 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Missing

Not configured

Content-Security-Policy

Missing

Not configured Analyze

Content-Security-Policy-Report-Only

Missing

Not configured Analyze

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Missing

Not configured

Referrer-Policy

Missing

Not configured

Permissions-Policy

Missing

Not configured

Recommendations

• Add Strict-Transport-Security header with max-age of at least 1 year
• Add Content-Security-Policy header to prevent XSS attacks
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
• Add X-Content-Type-Options: nosniff
• Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
• Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records

Not Configured (Any CA can issue certificates)

CAA Issues

• No CAA records configured - any CA can issue certificates

Recommendations

• Implement CAA records to restrict which CAs can issue certificates for your domain
• This adds an extra layer of security against unauthorized certificate issuance
• Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
• Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

89 domains

sproutmortgage.com *.sproutmortgage.com *.ausdevtemp.sproutmortgage.com *.automation.sproutmortgage.com *.docutechdev.sproutmortgage.com *.docutechuat1.sproutmortgage.com *.install.sproutmortgage.com *.okta.sproutmortgage.com *.sproutnet.sproutmortgage.com *.support.sproutmortgage.com

Other domains in certificate

0gomovirs.sbs *.0gomovirs.sbs *.32.0gomovirs.sbs

*.admin.apology.it apology.it *.apology.it *.dash.apology.it *.demo.apology.it *.hostmaster.apology.it *.intelligence.apology.it *.mx.apology.it *.plants.apology.it *.remote.apology.it *.superset.apology.it *.www.apology.it

b-l-l.de *.b-l-l.de

*.api.bolehcobakok.xyz bolehcobakok.xyz *.bolehcobakok.xyz *.ww38.bolehcobakok.xyz

entrenamientosenlinea.club *.entrenamientosenlinea.club *.uvavid.entrenamientosenlinea.club *.ww16.entrenamientosenlinea.club

*.api.ev77.ad *.assets.ev77.ad *.d56a8c7c-0c79-4a97-979a-d9a90b16382a.ev77.ad *.demo.ev77.ad ev77.ad *.ev77.ad *.test.ev77.ad *.www.ev77.ad

fintropy.com *.fintropy.com *.random.fintropy.com

fuss.live *.fuss.live *.members.fuss.live

jdavsp.com *.jdavsp.com *.ww16.jdavsp.com

*.amr.luzzatti.it *.demo.luzzatti.it *.glw.luzzatti.it *.kjj.luzzatti.it luzzatti.it *.luzzatti.it *.mengwei.luzzatti.it *.rdp.luzzatti.it *.rds.luzzatti.it *.secure.luzzatti.it *.vpnssl.luzzatti.it *.webmail.luzzatti.it *.www.luzzatti.it

menang4dpasti.com *.menang4dpasti.com

*.008c7617-ca51-4703-a91e-ab58684cffab.sherpaadvance.biz *.46mk54.sherpaadvance.biz *.app.sherpaadvance.biz *.backup.sherpaadvance.biz *.qjjpqq.sherpaadvance.biz sherpaadvance.biz *.sherpaadvance.biz *.staging.sherpaadvance.biz *.static.sherpaadvance.biz *.ttnwrvsv7hd.sherpaadvance.biz *.vsv7hd.sherpaadvance.biz

sv-og-juegesheim.de *.sv-og-juegesheim.de *.www.sv-og-juegesheim.de

*.2go.tigrido.com tigrido.com *.tigrido.com

*.jbj3z.wbsao-loaf.sbs wbsao-loaf.sbs *.wbsao-loaf.sbs *.y3e7z.wbsao-loaf.sbs *.yafx9.wbsao-loaf.sbs