DNS Gurus
Cached · just now
89/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 1
Google Trust logo Google Trust

Certificate Information

Subject
CN=community.sendpulse.com
Issuer
C=US, O=Google Trust Services, CN=WE1
Valid From
March 24, 2026
Valid Until
June 22, 2026 43 days
Public Key
ECDSA 256 bit (P-256) Adequate
Signature Algorithm
ECDSA-SHA256
SHA-256 Fingerprint
2B:C7:B8:7E:5F:4F:A6:95:92:AB:1D:D3:D1:42:45:59:78:F7:46:51:AD:4B:14:18:CA:8E:4A:AF:64:3B:0E:4F
Alternative Names
1 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Weak
max-age=0; includeSubDomains
Content-Security-Policy
Weak
object-src; font-src; img-src; +2 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Good
strict-origin-when-cross-origin
Permissions-Policy
Present
geolocation=(self)
Recommendations
  • Increase HSTS max-age to at least 1 year and add includeSubDomains
  • Significantly strengthen CSP directives
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking

CAA Records (Certificate Authority Authorization)

CAA Records
Configured (Restricts certificate issuance)
Current Issuer
Authorized (Matches CAA policy)
Authorized CAs
letsencrypt.org pki.goog ; cansignhttpexchanges=yes sectigo.com ssl.com
Wildcard CAs
ssl.com letsencrypt.org pki.goog ; cansignhttpexchanges=yes sectigo.com
Recommendations
  • Consider using critical flag (flags=128) for stricter CAA enforcement
  • You have authorized 4 CAs - consider limiting to only the CAs you actively use
  • Consider adding 'iodef' records to receive notifications about unauthorized certificate issuance attempts

Subject Alternative Names

1 domain
community.sendpulse.com