generated: '2026-07-11' method: probed source: live DNS/TLS/HTTP probes of apis.yml + OpenAPI hosts hosts: - host: haveibeenpwned.com https: true tls_version: TLSv1.3 cert_expires: Oct 4 17:44:25 2026 GMT hsts: true hsts_max_age: 31536000 - host: api.pwnedpasswords.com https: true tls_version: TLSv1.3 cert_expires: Oct 7 01:27:37 2026 GMT hsts: null domains: - domain: haveibeenpwned.com dnssec: true caa: - 0 issue "digicert.com; cansignhttpexchanges=yes" - 0 issue "letsencrypt.org" - 0 issue "pki.goog; cansignhttpexchanges=yes" - 0 issue "ssl.com" - 0 issuewild "comodoca.com" - 0 issuewild "digicert.com; cansignhttpexchanges=yes" spf: true dmarc: true dmarc_policy: reject - domain: pwnedpasswords.com dnssec: false caa: - 0 issuewild "pki.goog; cansignhttpexchanges=yes" - 0 issuewild "ssl.com" - 0 iodef "mailto:domains@troyhunt.com" - 0 issue ";" - 0 issue "comodoca.com" - 0 issue "digicert.com; cansignhttpexchanges=yes" spf: false dmarc: false