Open
Cached
·
just now
80/100
SECURITY SCORE
Detected Technologies
Certificate Information
Subject
C=US, ST=District Of Columbia, L=Washington, O=US Securities and Exchange Commission, CN=www.sec.gov
Issuer
C=US, O=DigiCert Inc, CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1
Valid From
July 25, 2025
Valid Until
July 25, 2026
83 days
Public Key
ECDSA
256 bit
(P-256)
Adequate
Signature Algorithm
ECDSA-SHA384
SHA-256 Fingerprint
9D:24:F5:A0:25:06:7D:3B:8B:0A:78:6E:61:EF:76:C0:FD:C6:1E:37:6F:33:95:F2:AA:DF:5A:5B:2A:51:C4:D7
Alternative Names
Security Configuration
TLS Protocols
TLS 1.2
TLS 1.3
Forward Secrecy
Supported
(Modern clients use PFS)
HTTP Security Headers
Status
Strict-Transport-Security
Excellent
max-age=31536000 ; includeSubDomains ; preload
X-Frame-Options
Missing
Not configured
X-Content-Type-Options
Missing
Not configured
Referrer-Policy
Missing
Not configured
Permissions-Policy
Missing
Not configured
Recommendations
- • Add Content-Security-Policy header to prevent XSS attacks
- • Add X-Frame-Options: DENY or SAMEORIGIN to prevent clickjacking
- • Add X-Content-Type-Options: nosniff
- • Add Referrer-Policy header (recommended: strict-origin-when-cross-origin)
- • Consider adding Permissions-Policy to control browser features
CAA Records (Certificate Authority Authorization)
CAA Records
Not Configured
(Any CA can issue certificates)
CAA Issues
- • No CAA records configured - any CA can issue certificates
Recommendations
- • Implement CAA records to restrict which CAs can issue certificates for your domain
- • This adds an extra layer of security against unauthorized certificate issuance
- • Example: Add CAA record 'example.com. CAA 0 issue "letsencrypt.org"'
- • Consider adding 'iodef' record to receive security incident reports
Subject Alternative Names
92 domains
sec.gov
acadia.sec.gov
acadiastg.sec.gov
adfs.sec.gov
akamai-ds.sec.gov
catalog.sec.gov
data-test.sec.gov
data.sec.gov
efap.sec.gov
efapstg.sec.gov
effssrtsweb-stage.sec.gov
effssrtsweb.sec.gov
efoia-pal.sec.gov
efts-stage.sec.gov
efts.sec.gov
enfdev.sec.gov
enfprod.sec.gov
enfstage.sec.gov
enftest.sec.gov
eslogin.sec.gov
esloginstg.sec.gov
hr4me.sec.gov
login.sec.gov
loginstg.sec.gov
omms.sec.gov
pavmwebtest.sec.gov
regandsurvey.sec.gov
tcr.sec.gov
tcrstg.sec.gov
tts.sec.gov
tts2.sec.gov
wts.sec.gov
wtsstg.sec.gov
www-test.sec.gov
www.sec.gov
xbrl.sec.gov
api-bravo.edgarfiling.sec.gov
api.edgarfiling.sec.gov
auth-bravo.edgarfiling.sec.gov
auth.edgarfiling.sec.gov
edgarfiling-alpha.edgarfiling.sec.gov
edgarfiling-beta.edgarfiling.sec.gov
edgarfiling-bravo.edgarfiling.sec.gov
effssrtsweb-stage.dynamic.sec.gov
effssrtsweb-stage.static.sec.gov
effssrtsweb.dynamic.sec.gov
effssrtsweb.static.sec.gov
fedwire.edgarfiling.sec.gov
feedback-alpha.edgarfiling.sec.gov
feedback-bravo.edgarfiling.sec.gov
fept-alpha.edgarfiling.sec.gov
fept.edgarfiling.sec.gov
filermanagement-beta.edgarfiling.sec.gov
filermanagement-bravo.edgarfiling.sec.gov
onlineforms-alpha.edgarfiling.sec.gov
onlineforms-beta.edgarfiling.sec.gov
onlineforms-bravo.edgarfiling.sec.gov
paygov.edgarfiling.sec.gov
penny.edgarcompany.sec.gov
portal-beta.edgarfiling.sec.gov
stage-api-bravo.edgarfiling.sec.gov
stage-auth-alpha.edgarfiling.sec.gov
stage-auth-bravo.edgarfiling.sec.gov
stage-auth.edgarfiling.sec.gov
stage-edgarfiling-alpha.edgarfiling.sec.gov
stage-edgarfiling-bravo.edgarfiling.sec.gov
stage-fedwire-alpha.edgarfiling.sec.gov
stage-fedwire.edgarfiling.sec.gov
stage-feedback-alpha.edgarfiling.sec.gov
stage-feedback-bravo.edgarfiling.sec.gov
stage-fept-alpha.edgarfiling.sec.gov
stage-fept.edgarfiling.sec.gov
stage-filermanagement-alpha.edgarfiling.sec.gov
stage-filermanagement-bravo.edgarfiling.sec.gov
stage-onlineforms-alpha.edgarfiling.sec.gov
stage-onlineforms-bravo.edgarfiling.sec.gov
stage-portal-alpha.edgarfiling.sec.gov
stage.edgarfiling.sec.gov
www.edgarcompany.sec.gov
www.edgarfiling.sec.gov
edgarfiling-enterprise.apps.edgar.sec.gov
edgarfiling-enterprise.appsdmz.edgar.sec.gov
stage.api-alpha.edgarfiling.sec.gov
stage.api.edgarfiling.sec.gov
stage.filermanagement.edgarfiling.sec.gov
stage.onlineforms.edgarfiling.sec.gov
stage.paygov-alpha.edgarfiling.sec.gov
stage.paygov.edgarfiling.sec.gov
stage.portal.edgarfiling.sec.gov
www.filermanagement.edgarfiling.sec.gov
www.onlineforms.edgarfiling.sec.gov
www.portal.edgarfiling.sec.gov