SSL Certificate Analysis for login.ivans.com - Security Grade & TLS Configuration

Open Cached · just now

91/100 SECURITY SCORE

Certificate Information

Subject

CN=login.ivans.com

Issuer

C=US, O=Let's Encrypt, CN=E8

Valid From

February 04, 2026

Valid Until

May 05, 2026 86 days

Public Key

ECDSA 256 bit (P-256) Adequate

Signature Algorithm

ECDSA-SHA384

SHA-256 Fingerprint

EC:82:E7:F3:35:C1:DA:A9:42:9A:17:48:A9:4D:8F:67:A3:0F:AB:59:1B:E8:8F:8E:CB:31:3C:F4:C7:B6:E0:48

Alternative Names

1 domains

Security Configuration

TLS Protocols

TLS 1.2 TLS 1.3

Forward Secrecy

Supported (Modern clients use PFS)

HTTP Security Headers

Status

Strict-Transport-Security

Present

max-age=15768000; includeSubDomains; preload

Content-Security-Policy

Basic

default-src; script-src; script-src-elem; +10 more

default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: https://view.ceros.com https://www.googletagmanager.com https://code.jquery.com https://cdn.jsdelivr.net https://app-abk.marketo.com https://*.marketo.com https://*.ivans.com https://munchkin.marketo.net https://js.driftt.com https://*.driftt.com https://players.brightcove.net https://*.brightcove.com https://*.brightcove.net https://form.jotform.com https://*.jotform.com https://*.buzzsprout.com https://vwo.com https://*.vwo.com https://dev.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com https://cdn-cookieyes.com https://*.cookieyes.com https://vjs.zencdn.net https://*.zencdn.net https://*.boltdns.net https://snap.licdn.com https://*.licdn.com https://px.ads.linkedin.com https://bat.bing.com https://*.bing.com https://static.oktopost.com https://*.oktopost.com https://tracking.g2crowd.com https://*.g2crowd.com https://js.idio.co https://*.idio.co https://cdn.bizible.com https://*.bizible.com https://siteimproveanalytics.com https://*.siteimproveanalytics.com https://edge.api.brightcove.com https://cms.api.brightcove.com https://playback.api.brightcove.com https://analytics.api.brightcove.com https://sadmin.brightcove.com https://gallery.api.brightcove.com https://social.api.brightcove.com https://gallery-metrics.api.brightcove.com https://*.brightcovecdn.com https://manifest.prod.boltdns.net https://app.ezlynx.com https://*.ezlynx.com https://tracking-api.g2.com https://*.g2.com https://d1igp3oop3iho5.cloudfront.net https://connect.facebook.net https://js.zi-scripts.com https://*.zi-scripts.com https://ws-assets.zoominfo.com https://*.zoominfo.com https://www.google-analytics.com https://use.typekit.net https://p.typekit.net https://okt.to https://static.cloudflareinsights.com https://*.facebook.com https://*.fbcdn.net https://ajax.googleapis.com https://*.googleapis.com https://assets.ceros.com https://*.ceros.com https://cdn.rollbar.com https://cdn.intake-lr.com https://googleads.g.doubleclick.net https://*.doubleclick.net https://www.googleadservices.com https://*.googleadservices.com https://web-sdk.smartlook.com https://www.clickcease.com https://insight.appliedsystems.com https://templates.marketo.net https://creative-services.ceros.com https://s.adroll.com https://reg.eventmobi.com https://www.gstatic.com https://dyv6f9ner1ir9.cloudfront.net https://cdnjs.cloudflare.com https://*.marchex.io https://rw1.marchex.io https://www.appliednet.com https://az416426.vo.msecnd.net https://js.monitor.azure.com https://scdn.snapapp.com https://dyv6f9ner1ir9.cloudfront.net https://platform.twitter.com https://scripts.poll-maker.com https://cdn.cookielaw.org https://resources.ezlynx.com https://web-sdk-eu.aptrinsic.com https://cdn.siteimprove.net https://*.clarity.ms https://mountain.com https://*.mountain.com https://static.airtable.com https://*.airtable.com https://assets.adoberesources.net; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' blob: https://www.google.com https://*.google.com https://view.ceros.com https://www.googletagmanager.com https://code.jquery.com https://cdn.jsdelivr.net https://app-abk.marketo.com https://*.marketo.com https://*.ivans.com https://munchkin.marketo.net https://js.driftt.com https://*.driftt.com https://players.brightcove.net https://*.brightcove.com https://*.brightcove.net https://form.jotform.com https://*.jotform.com https://*.buzzsprout.com https://vwo.com https://*.vwo.com https://dev.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com https://js.driftt.com https://*.driftt.com https://cdn-cookieyes.com https://*.cookieyes.com https://vjs.zencdn.net https://*.zencdn.net https://*.boltdns.net https://snap.licdn.com https://*.licdn.com https://px.ads.linkedin.com https://bat.bing.com https://*.bing.com https://static.oktopost.com https://*.oktopost.com https://tracking.g2crowd.com https://*.g2crowd.com https://js.idio.co https://*.idio.co https://cdn.bizible.com https://*.bizible.com https://siteimproveanalytics.com https://*.siteimproveanalytics.com https://edge.api.brightcove.com https://cms.api.brightcove.com https://playback.api.brightcove.com https://analytics.api.brightcove.com https://sadmin.brightcove.com https://gallery.api.brightcove.com https://social.api.brightcove.com https://gallery-metrics.api.brightcove.com https://*.brightcovecdn.com https://manifest.prod.boltdns.net https://app.ezlynx.com https://*.ezlynx.com https://tracking-api.g2.com https://*.g2.com https://d1igp3oop3iho5.cloudfront.net https://connect.facebook.net https://js.zi-scripts.com https://*.zi-scripts.com https://ws-assets.zoominfo.com https://*.zoominfo.com https://www.google-analytics.com https://use.typekit.net https://p.typekit.net https://okt.to https://static.cloudflareinsights.com https://*.facebook.com https://*.fbcdn.net https://ajax.googleapis.com https://*.googleapis.com https://assets.ceros.com https://*.ceros.com https://cdn.rollbar.com https://cdn.intake-lr.com https://googleads.g.doubleclick.net https://*.doubleclick.net https://www.googleadservices.com https://*.googleadservices.com https://web-sdk.smartlook.com https://www.clickcease.com https://insight.appliedsystems.com https://templates.marketo.net https://creative-services.ceros.com https://s.adroll.com https://reg.eventmobi.com https://www.gstatic.com https://dyv6f9ner1ir9.cloudfront.net https://cdnjs.cloudflare.com https://*.marchex.io https://rw1.marchex.io https://www.appliednet.com https://az416426.vo.msecnd.net https://js.monitor.azure.com https://scdn.snapapp.com https://dyv6f9ner1ir9.cloudfront.net https://platform.twitter.com https://scripts.poll-maker.com https://cdn.cookielaw.org https://resources.ezlynx.com https://web-sdk-eu.aptrinsic.com https://cdn.siteimprove.net https://*.clarity.ms https://mountain.com https://*.mountain.com https://static.airtable.com https://*.airtable.com https://assets.adoberesources.net; style-src 'self' 'unsafe-inline' https://view.ceros.com https://fonts.googleapis.com https://cdn.jsdelivr.net https://app-abk.marketo.com https://*.marketo.com https://*.ivans.com https://form.jotform.com https://*.jotform.com https://*.buzzsprout.com https://vwo.com https://*.vwo.com https://dev.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com https://js.driftt.com https://*.driftt.com https://cdn-cookieyes.com https://*.cookieyes.com https://vjs.zencdn.net https://*.zencdn.net https://*.boltdns.net https://snap.licdn.com https://*.licdn.com https://static.oktopost.com https://*.oktopost.com https://js.idio.co https://*.idio.co https://cdn.bizible.com https://*.bizible.com https://siteimproveanalytics.com https://*.siteimproveanalytics.com https://*.brightcove.com https://*.brightcove.net https://*.brightcovecdn.com https://use.typekit.net https://p.typekit.net https://assets.ceros.com https://*.ceros.com https://d2yeu2mwujl2s5.cloudfront.net https://insight.appliedsystems.com https://templates.marketo.net https://www.appliednet.com https://resources.ezlynx.com https://web-sdk-eu.aptrinsic.com; font-src 'self' data: https://view.ceros.com https://fonts.gstatic.com https://cdn.jsdelivr.net https://app-abk.marketo.com https://*.marketo.com https://*.ivans.com https://form.jotform.com https://*.jotform.com https://vwo.com https://*.vwo.com https://js.driftt.com https://*.driftt.com https://cdn-cookieyes.com https://*.cookieyes.com https://vjs.zencdn.net https://*.zencdn.net https://static.oktopost.com https://*.oktopost.com https://js.idio.co https://*.idio.co https://cdn.bizible.com https://*.bizible.com https://siteimproveanalytics.com https://*.siteimproveanalytics.com https://*.brightcove.com https://*.brightcove.net https://*.brightcovecdn.com https://use.typekit.net https://p.typekit.net https://media-s3-us-east-1.ceros.com https://*.appliedsystems.com https://www.appliednet.com https://resources.ezlynx.com https://dhm5hy2vn8l0l.cloudfront.net; img-src 'self' data: https: https://view.ceros.com https://www.googletagmanager.com https://app-abk.marketo.com https://*.marketo.com https://*.ivans.com https://players.brightcove.net https://*.brightcove.com https://*.brightcove.net https://form.jotform.com https://*.jotform.com https://*.buzzsprout.com https://vwo.com https://*.vwo.com https://dev.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com https://js.driftt.com https://*.driftt.com https://cdn-cookieyes.com https://*.cookieyes.com https://vjs.zencdn.net https://*.zencdn.net https://*.boltdns.net https://snap.licdn.com https://*.licdn.com https://px.ads.linkedin.com https://bat.bing.com https://*.bing.com https://static.oktopost.com https://*.oktopost.com https://tracking.g2crowd.com https://*.g2crowd.com https://js.idio.co https://*.idio.co https://cdn.bizible.com https://*.bizible.com https://siteimproveanalytics.com https://*.siteimproveanalytics.com https://*.brightcovecdn.com https://googleads.g.doubleclick.net https://www.google-analytics.com https://okt.to https://www.appliednet.com https://resources.ezlynx.com https://mountain.com https://*.mountain.com; frame-src 'self' https://*.outgrow.us https://view.ceros.com https://www.googletagmanager.com https://www.google.com https://maps.google.com https://*.google.com https://form.asana.com https://*.asana.com https://airtable.com https://*.airtable.com https://td.doubleclick.net https://app-abk.marketo.com https://*.marketo.com https://*.ivans.com https://players.brightcove.net https://*.brightcove.com https://*.g2.com https://*.brightcove.net https://form.jotform.com https://*.jotform.com https://*.buzzsprout.com https://vwo.com https://*.vwo.com https://dev.visualwebsiteoptimizer.com https://*.visualwebsiteoptimizer.com https://js.driftt.com https://*.driftt.com https://cdn-cookieyes.com https://*.cookieyes.com https://static.oktopost.com https://*.oktopost.com https://js.idio.co https://*.idio.co https://*.brightcovecdn.com https://forms2.itswebs.com https://resources.ezlynx.com https://mountain.com https://*.mountain.com; connect-src 'self' https://www.googletagmanager.com https://app-abk.marketo.com https://*.marketo.com https://*.mktoutil.com https://*.ivans.com https://www.google.com https://google.com https://analytics.google.com https://dev.visualwebsiteoptimizer.com https://stats.g.doubleclick.net https://players.brightcove.net https://*.brightcove.com https://*.brightcove.net https://form.jotform.com https://*.jotform.com https://*.buzzsprout.com https://vwo.com https://*.vwo.com https://*.visualwebsiteoptimizer.com https://js.driftt.com https://*.driftt.com https://metrics.api.drift.com https://cdn-cookieyes.com https://*.cookieyes.com https://vjs.zencdn.net https://*.zencdn.net https://*.boltdns.net http://*.boltdns.net https://snap.licdn.com https://*.licdn.com https://px.ads.linkedin.com https://bat.bing.com https://*.bing.com https://static.oktopost.com https://*.oktopost.com https://tracking.g2crowd.com https://*.g2crowd.com https://js.idio.co https://*.idio.co https://cdn.bizible.com https://*.bizible.com https://siteimproveanalytics.com https://*.siteimproveanalytics.com https://web-sdk.smartlook.com https://*.smartlook.com https://*.smartlook.cloud https://manager.eu.smartlook.cloud https://edge.api.brightcove.com https://cms.api.brightcove.com https://playbook.api.brightcove.com https://analytics.api.brightcove.com https://sadmin.brightcove.com https://gallery.api.brightcove.com https://social.api.brightcove.com https://gallery-metrics.api.brightcove.com https://*.brightcovecdn.com https://manifest.prod.boltdns.net https://app.ezlynx.com https://*.ezlynx.com https://tracking-api.g2.com https://*.g2.com https://www.google-analytics.com https://googleads.g.doubleclick.net https://okt.to https://www.facebook.com https://*.facebook.com https://js.zi-scripts.com https://*.zi-scripts.com https://ws-assets.zoominfo.com https://*.zoominfo.com https://373-dbf-030.mktoresp.com https://api.ceros.com https://media.ceros.com https://d1igp3oop3iho5.cloudfront.net https://*.marchex.io https://rw1.marchex.io https://www.appliednet.com https://www.google.ca https://*.google.ca https://resources.ezlynx.com https://esp-eu.aptrinsic.com https://my2.siteimprove.com https://*.clarity.ms https://*.compute.amazonaws.com https://mountain.com https://*.mountain.com https://44.238.122.172 https://100.20.58.101 https://35.85.84.151 https://44.228.85.26 https://34.215.155.61 https://35.160.46.251 https://52.71.121.170 https://18.210.229.244 https://44.212.189.233 https://3.212.39.155 https://52.22.50.55 https://54.156.2.105 https://*.cloud.adobe.io wss://*.cloud.adobe.io https://dc.services.visualstudio.com https://js.monitor.azure.com https://assets.adoberesources.net; media-src 'self' https://*.brightcove.com https://*.brightcove.net https://*.boltdns.net http://*.boltdns.net https://*.brightcovecdn.com https://media.ceros.com https://media-s3-us-east-1.ceros.com blob: data:; worker-src 'self' blob:; object-src 'none'; upgrade-insecure-requests; frame-ancestors 'self' https://*.ezlynx.com/ https://*.appliedsystems.com/ https://*.ivans.com/ https://*.agentinsure.com/ https://*.uatezlynx.com/ https://*.vtpezlynx.com/ https://*.devezlynx.com/ https://appliedsystems--devprob.sandbox.my.site.com/ https://appliedsystems--devproa.sandbox.my.site.com/ https://appliedsystems--uat.sandbox.my.site.com/ https://appliedsystems--uat.sandbox.my.site.com/AppliedClientCommunity/s/ https://community.appliedsystems.com/;

X-Frame-Options

Missing

Not configured

X-Content-Type-Options

Good

nosniff

Referrer-Policy

Good

strict-origin-when-cross-origin

Permissions-Policy

Present

geolocation=(), microphone=(), camera=(), payment=(), usb=()

Recommendations

• Increase HSTS max-age to at least 1 year and add includeSubDomains
• Improve CSP by adding more specific directives and removing 'unsafe-inline'
• Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking

CAA Records (Certificate Authority Authorization)

CAA Records

Configured (Restricts certificate issuance)

Current Issuer

Authorized (Matches CAA policy)

Authorized CAs

letsencrypt.org

Recommendations

• Consider using critical flag (flags=128) for stricter CAA enforcement
• Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts
• Consider adding 'issuewild' records to control wildcard certificate issuance

Subject Alternative Names

1 domain