DNS Gurus
Cached · just now
80/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 2
DigiCert logo DigiCert GeoTrust logo GeoTrust

Certificate Information

Subject
C=US, ST=District Of Columbia, L=Washington, O=US Securities and Exchange Commission, CN=www.sec.gov
Issuer
C=US, O=DigiCert Inc, OU=www.digicert.com, CN=GeoTrust TLS RSA CA G1
Valid From
October 12, 2025
Valid Until
October 13, 2026 164 days
Public Key
RSA 2048 bit Adequate
Signature Algorithm
SHA256-RSA
SHA-256 Fingerprint
DA:B7:5E:11:3B:DA:AF:CD:F1:EC:9F:0E:D1:E7:1A:F8:30:35:0E:FA:3E:39:33:9B:C2:2A:FE:BB:E7:63:6D:07
Alternative Names
70 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000 ; includeSubDomains ; preload
Content-Security-Policy
Missing
Not configured Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Add Content-Security-Policy header to prevent XSS attacks
  • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
  • Add X-Content-Type-Options: nosniff
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

70 domains
sec.gov acadia.sec.gov acadiastg.sec.gov adfs.sec.gov askhr.sec.gov data-test.sec.gov data.sec.gov dcmstg.sec.gov efap.sec.gov efapstg.sec.gov efoia-pal.sec.gov efoia-palstg.sec.gov efts-stage.sec.gov efts.sec.gov enfdev.sec.gov enfprod.sec.gov enfstage.sec.gov enftest.sec.gov eslogin.sec.gov esloginstg.sec.gov hub-dev.sec.gov hub-test.sec.gov login.sec.gov loginstg.sec.gov meetings.sec.gov meetings1.sec.gov meetings2.sec.gov regandsurvey.sec.gov search.sec.gov searchwww.sec.gov stgpal.sec.gov tcr.sec.gov tcrstg.sec.gov tts.sec.gov tts2.sec.gov wts.sec.gov wtsstg.sec.gov www-test.sec.gov www.sec.gov xbrl.sec.gov edgarfiling-beta.edgarfiling.sec.gov filermanagement-beta.edgarfiling.sec.gov onlineforms-beta.edgarfiling.sec.gov penny.edgarcompany.sec.gov penny.edgarfiling.sec.gov portal-beta.edgarfiling.sec.gov www.edgarcompany.sec.gov www.edgarfiling.sec.gov edgarfiling-enterprise.apps.edgar.sec.gov edgarfiling-enterprise.appsdmz.edgar.sec.gov edgarfiling.apps.edg-stg.sec.gov edgarfiling.appsdmz.edg-stg.sec.gov filermanagement.appsdmz.edg-stg.sec.gov filermgmt-enterprise.apps.edgar.sec.gov filermgmt-enterprise.appsdmz.edgar.sec.gov filermgmt.apps.edg-stg.sec.gov onlineforms-enterprise.apps.edgar.sec.gov onlineforms-enterprise.appsdmz.edgar.sec.gov onlineforms.apps.edg-stg.sec.gov onlineforms.appsdmz.edg-stg.sec.gov penny.filermanagement.edgarfiling.sec.gov penny.onlineforms.edgarfiling.sec.gov penny.portal.edgarfiling.sec.gov portal-enterprise.apps.edgar.sec.gov portal-enterprise.appsdmz.edgar.sec.gov portal.apps.edg-stg.sec.gov portal.appsdmz.edg-stg.sec.gov www.filermanagement.edgarfiling.sec.gov www.onlineforms.edgarfiling.sec.gov www.portal.edgarfiling.sec.gov