DNS Gurus
Cached · just now
90/100 SECURITY SCORE

Detected Technologies

See all in URL Inspect 4
Digital Analytics Program (DAP) logo Digital Analytics Program (DAP) DigiCert logo DigiCert Google Analytics logo Google Analytics Google Fonts logo Google Fonts

Certificate Information

Subject
C=US, ST=District Of Columbia, L=Washington, O=US Securities and Exchange Commission, CN=www.sec.gov
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
July 25, 2025
Valid Until
July 25, 2026 83 days
Public Key
ECDSA 256 bit (P-256) Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
9D:24:F5:A0:25:06:7D:3B:8B:0A:78:6E:61:EF:76:C0:FD:C6:1E:37:6F:33:95:F2:AA:DF:5A:5B:2A:51:C4:D7
Alternative Names
92 domains

Security Configuration

TLS Protocols
TLS 1.2 TLS 1.3
Forward Secrecy
Supported (Modern clients use PFS)

HTTP Security Headers

Status
Strict-Transport-Security
Excellent
max-age=31536000 ; includeSubDomains ; preload
Content-Security-Policy
Google Analytics logo
Good
default-src; style-src; font-src; +10 more Analyze
Content-Security-Policy-Report-Only
Missing
Not configured Analyze
X-Frame-Options
Good
SAMEORIGIN
X-Content-Type-Options
Good
nosniff
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
  • Strengthen CSP by removing 'unsafe-eval'
  • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
  • Consider adding Permissions-Policy to control browser features

CAA Records (Certificate Authority Authorization)

CAA Records
Not Configured (Any CA can issue certificates)
CAA Issues
  • No CAA records configured - any CA can issue certificates
Recommendations
  • Implement CAA records to restrict which CAs can issue certificates for your domain
  • This adds an extra layer of security against unauthorized certificate issuance
  • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
  • Consider adding 'iodef' record to receive security incident reports

Subject Alternative Names

92 domains
sec.gov acadia.sec.gov acadiastg.sec.gov adfs.sec.gov akamai-ds.sec.gov catalog.sec.gov data-test.sec.gov data.sec.gov efap.sec.gov efapstg.sec.gov effssrtsweb-stage.sec.gov effssrtsweb.sec.gov efoia-pal.sec.gov efts-stage.sec.gov efts.sec.gov enfdev.sec.gov enfprod.sec.gov enfstage.sec.gov enftest.sec.gov eslogin.sec.gov esloginstg.sec.gov hr4me.sec.gov login.sec.gov loginstg.sec.gov omms.sec.gov pavmwebtest.sec.gov regandsurvey.sec.gov tcr.sec.gov tcrstg.sec.gov tts.sec.gov tts2.sec.gov wts.sec.gov wtsstg.sec.gov www-test.sec.gov www.sec.gov xbrl.sec.gov api-bravo.edgarfiling.sec.gov api.edgarfiling.sec.gov auth-bravo.edgarfiling.sec.gov auth.edgarfiling.sec.gov edgarfiling-alpha.edgarfiling.sec.gov edgarfiling-beta.edgarfiling.sec.gov edgarfiling-bravo.edgarfiling.sec.gov effssrtsweb-stage.dynamic.sec.gov effssrtsweb-stage.static.sec.gov effssrtsweb.dynamic.sec.gov effssrtsweb.static.sec.gov fedwire.edgarfiling.sec.gov feedback-alpha.edgarfiling.sec.gov feedback-bravo.edgarfiling.sec.gov fept-alpha.edgarfiling.sec.gov fept.edgarfiling.sec.gov filermanagement-beta.edgarfiling.sec.gov filermanagement-bravo.edgarfiling.sec.gov onlineforms-alpha.edgarfiling.sec.gov onlineforms-beta.edgarfiling.sec.gov onlineforms-bravo.edgarfiling.sec.gov paygov.edgarfiling.sec.gov penny.edgarcompany.sec.gov portal-beta.edgarfiling.sec.gov stage-api-bravo.edgarfiling.sec.gov stage-auth-alpha.edgarfiling.sec.gov stage-auth-bravo.edgarfiling.sec.gov stage-auth.edgarfiling.sec.gov stage-edgarfiling-alpha.edgarfiling.sec.gov stage-edgarfiling-bravo.edgarfiling.sec.gov stage-fedwire-alpha.edgarfiling.sec.gov stage-fedwire.edgarfiling.sec.gov stage-feedback-alpha.edgarfiling.sec.gov stage-feedback-bravo.edgarfiling.sec.gov stage-fept-alpha.edgarfiling.sec.gov stage-fept.edgarfiling.sec.gov stage-filermanagement-alpha.edgarfiling.sec.gov stage-filermanagement-bravo.edgarfiling.sec.gov stage-onlineforms-alpha.edgarfiling.sec.gov stage-onlineforms-bravo.edgarfiling.sec.gov stage-portal-alpha.edgarfiling.sec.gov stage.edgarfiling.sec.gov www.edgarcompany.sec.gov www.edgarfiling.sec.gov edgarfiling-enterprise.apps.edgar.sec.gov edgarfiling-enterprise.appsdmz.edgar.sec.gov stage.api-alpha.edgarfiling.sec.gov stage.api.edgarfiling.sec.gov stage.filermanagement.edgarfiling.sec.gov stage.onlineforms.edgarfiling.sec.gov stage.paygov-alpha.edgarfiling.sec.gov stage.paygov.edgarfiling.sec.gov stage.portal.edgarfiling.sec.gov www.filermanagement.edgarfiling.sec.gov www.onlineforms.edgarfiling.sec.gov www.portal.edgarfiling.sec.gov