Instant cyber security rating
washingtondds38

To get a deeper insight into your entire organization, including surfacing data leaks and identity breaches, as well as your third-party vendors, book a free demo today.

Get a demo
Free trial

Last scanned: 2026-05-04

Powered by Breach Risk

Security Rating

UpGuard's Cyber Security Ratings range from 0 to 950. The higher the score, the better the security practices on the primary domain for washingtondds38.

Website Security

  • X-Frame-Options is not deny or sameorigin

    Browsers may display this website's content in frames. This can lead to clickjacking attacks.

  • CSP implemented unsafely

    The Content Security Policy may not restrict sources appropriately, or may contain 'unsafe-inline' without the use of a nonce or hash. This increases the risk of XSS attacks.

  • Server information header not exposed

    Ensuring the server information header is not exposed reduces the ability of attackers to exploit certain vulnerabilities.

  • X-Powered-By header not exposed

    Information about specific technology used on the server is obscured.

  • CSP implemented without insecure active sources

    The Content Security Policy does not allow any insecure active sources.

  • Referrer policy is not unsafe-url

    The website's Referrer Policy is not configured to allow unsafe information to be sent in the referrer header.

  • ASP.NET version header not exposing specific ASP.net version

    Ensuring the ASP.NET version header is not exposing a specific version makes it harder for attackers to exploit certain vulnerabilities.

  • ASP.NET version header not exposed

    Ensuring the ASP.NET version header is not exposed makes it harder for attackers to exploit certain vulnerabilities.

  • CSP implemented without insecure passive sources

    The Content Security Policy does not allow any insecure passive (img/media) sources.

  • CSP implemented without unsafe-eval

    A Content Security Policy is implemented to help protect against XSS and clickjacking attacks.

  • X-Content-Type-Options is not nosniff

    Browsers are prevented from interpreting files as a different MIME type to what is specified in the Content-Type HTTP header. This helps mitigate MIME confusion attacks.

  • No unmaintained page detected

    The page appears to be maintained.

Network

  • No ports are open

    No open ports were detected.

DNS

  • DNSSEC not enabled

    DNSSEC records prevent third parties from forging the records that guarantee a domain's identity. DNSSEC should be configured for this domain.

  • No subdomain takeover vulnerability detected

    No dangling DNS records that could lead to subdomain takeover were detected.

  • CAA enabled

    The domain contains a valid Certification Authority Authorization (CAA) record. A CAA record indicates which Certificate Authorities (CAs) are authorized to issue certificates for a domain.

Encryption

  • Insecure SSL/TLS versions available

    Any version of the SSL protocol, and TLS prior to version 1.2, are now considered insecure. The server should disable support for these old protocols.

  • Weak cipher suites supported in TLS 1.2

    Weak cipher suites can potentially be broken by a well resourced attacker, and should not be supported by the server unless very old devices or browsers must be supported.

  • Certificate not found on our revoked certificate list

    The site's certificate chain was checked against our list of revoked certificates.

  • SSL available

    SSL is supported for this site.

  • HTTP requests are redirected to HTTPS

    All HTTP requests are redirected to HTTPS.

  • Hostname matches SSL certificate

    The site's hostname matches the SSL certificate.

  • SSL has not expired

    SSL certificate has not expired.

  • Trusted SSL certificate

    The certificate presented by this domain was issued by a trusted certificate authority.

  • HTTP Strict Transport Security (HSTS) enforced

    With HSTS enforced, people browsing this site are less susceptible to man-in-the-middle attacks.

  • SSL certificate chain present in server response

    A complete SSL certificate chain was presented by the server for this domain.

  • SSL chain certificates do not expire within 20 days

    SSL intermediate and root certificates do not expire within 20 days.

  • SSL expiration period shorter than 398 days

    The SSL certificate presented by the server has an expiration period shorter than 398 days.

  • SSL has more than 20% of its valid period remaining

    SSL certificate does not expire in less than 20% of its total valid period.

  • Strong SSL algorithm

    Industry standard SHA-256 encryption in use.

  • Domain is included on the HSTS preload list

    Being included on the preload list gives the highest level of protection against MITM attacks for users of all major browsers.

  • Strong public certificate key length

    The site's public certificate provides at least 112 bits of security strength.

Data leakage

  • No open cloud storage service detected

    No cloud storage service configured to allow anonymous file listing was detected.

  • Domain index is not a listable directory

    The domain index is not a listable directory.

IP/Domain Reputation

  • Not a suspected malware provider

    This website does not appear to contain malicious code.

  • No reports of botnet activity in the last 30 days

    This IP/domain has not been reported as a source of botnet activity in the last 30 days.

  • No reports of brute force login attempts in the last 30 days

    This IP/domain did not appear on any list of IPs and domains known to perform brute force login attempts in the last 30 days.

  • No reports of malware distribution in the last 30 days

    This IP/domain has been reported for distributing malware in the last 30 days.

  • No reports of unsolicited scanning in the last 30 days

    This IP/domain has not been reported for performing unsolicited scanning in the last 30 days.

  • Not suspected of unwanted software

    This website does not appear to be attempting to install unwanted software.

  • Not a suspected phishing page

    This site does not appear to be a forgery or imitation of another website.

  • No reports of phishing activity in the last 30 days

    This IP/domain has not been reported as a phishing site in the last 30 days.

  • No reports of botnet activity in the last 90 days

    This IP/domain has not been reported as a source of botnet activity in the last 90 days.

  • No reports of brute force login attempts in the last 90 days

    This IP/domain did not appear on any list of IPs and domains known to perform brute force login attempts in the last 90 days.

  • No reports of malware distribution in the last 90 days

    This IP/domain has been reported for distributing malware in the last 90 days.

  • No reports of unsolicited scanning in the last 90 days

    This IP/domain has not been reported for performing unsolicited scanning in the last 90 days.

  • No reports of phishing activity in the last 90 days

    This IP/domain has not been reported as a phishing site in the last 90 days.

Vulnerability Management

  • Not vulnerable to CVE-2014-0160 (Heartbleed)

    A bug in OpenSSL's implementation of the TLS heartbeat extension allows access to portions of memory on the targeted host e.g. cryptographic keys and passwords.

  • Not vulnerable to CVE-2014-3566 (POODLE)

    The server does not support SSLv3, and is not vulnerable to the POODLE attack.

  • Not vulnerable to CVE-2015-0204 (FREAK)

    The server does not offer RSA_EXPORT cipher suites, so clients are not vulnerable to the FREAK attack.

  • Not vulnerable to CVE-2015-4000 (Logjam)

    The server is using strong Diffie-Hellman parameters and is not vulnerable to the Logjam attack.

More security reports

Compare your security performance with other companies.

View all security reports