1. Summary
Overall inspection result and scoring overview.
PASS 6
FAIL 1
Overall
PASS
DNS
PASS
Mail
PASS
SSL
PASS
Security
FAIL
Hosting
PASS
Technology
PASS
Overall score details
Overall score 88/100
- Main reason: The domain appears to work, with quality or security improvements still available.
- The score is lower because one or more important checks need attention.
Passed
- A Records: 2 record(s) found
- AAAA Records: 2 record(s) found
- MX Records: 1 record(s) found
- NS Records: 2 record(s) found
- SOA Record: SOA record found
- TXT Records: 2 record(s) found
- NS Records at Parent Servers: elliott.ns.cloudflare.com | hera.ns.cloudflare.com
- Missing Glue: No required glue missing
- Name Servers Have A Records: All nameservers have IPv4 address records
- Name Servers Have AAAA Records: All nameservers have IPv6 address records
- Check Name Servers Count: 2 authoritative nameservers found
- Parent Authoritative NS Match: Parent and authoritative NS records match
Lowered by
- Glue Record Detection: No in-zone glue requirement detected
- Reverse DNS / PTR: No PTR records found for resolved addresses
- Mail Service Reachability: No tested mail service ports accepted a TCP connection
- HSTS: HSTS missing
- CSP: CSP missing
- X-Frame-Options: X-Frame-Options missing
- X-Content-Type-Options: X-Content-Type-Options missing
- Referrer-Policy: Referrer-Policy missing
- Permissions-Policy: Permissions-Policy missing optional header
- Web Server: Server software could not be identified
Improvements
- Review this check and fix the reported warning where applicable.
- Add an HSTS header after confirming HTTPS is stable.
- Add a Content-Security-Policy header.
- Add X-Frame-Options or use CSP frame-ancestors to reduce clickjacking risk.
- Add X-Content-Type-Options: nosniff.
- Add a Referrer-Policy header that matches the privacy needs of the site.
- Add a Permissions-Policy header to restrict unused browser features.
DNS score details
DNS score 97/100
- Main reason: DNS resolves and the authoritative nameservers are reachable.
- The score is lower because one or more important checks need attention.
Passed
- A Records: 2 record(s) found
- AAAA Records: 2 record(s) found
- MX Records: 1 record(s) found
- NS Records: 2 record(s) found
- SOA Record: SOA record found
- TXT Records: 2 record(s) found
- NS Records at Parent Servers: elliott.ns.cloudflare.com | hera.ns.cloudflare.com
- Missing Glue: No required glue missing
- Name Servers Have A Records: All nameservers have IPv4 address records
- Name Servers Have AAAA Records: All nameservers have IPv6 address records
- Check Name Servers Count: 2 authoritative nameservers found
- Parent Authoritative NS Match: Parent and authoritative NS records match
Lowered by
- Glue Record Detection: No in-zone glue requirement detected
- Reverse DNS / PTR: No PTR records found for resolved addresses
Improvements
- Review this check and fix the reported warning where applicable.
Mail score details
Mail score 88/100
- Main reason: Mail records or mail services were detected, with optional deliverability checks shown separately.
- The score is lower because one or more important checks need attention.
Passed
- SPF Validation: SPF valid | strict -all
- DMARC Validation: DMARC valid | p=reject | strict alignment
- DKIM: DKIM Found
Lowered by
- Mail Service Reachability: No tested mail service ports accepted a TCP connection
Improvements
- Review this check and fix the reported warning where applicable.
SSL score details
SSL score 100/100
- Main reason: SSL/TLS is available and the certificate checks did not find a blocking failure.
- No important weakness was found in this score group.
Passed
- SSL Certificate Detection: Certificate presented by HTTPS server
- Expiration Date: Certificate expires in 77 day(s)
- Issuer Information: Issuer information available
- Certificate Chain Validation: Certificate chain validates with the local trust store
- TLS Version Detection: Modern TLS versions supported
Improvements
- No immediate action is needed for this category based on the current checks.
Security score details
Security score 45/100
- Main reason: The site works, but browser security headers can be improved.
- The score is lower because one or more important checks need attention.
Security layers
- Basic validity score: 100/100
- Security quality score: 45/100
Missing
- HSTS missing
- CSP missing
- X-Frame-Options missing
- X-Content-Type-Options missing
- Referrer-Policy missing
- Permissions-Policy missing
Lowered by
- Multiple security headers missing
Improvements
- Add an HSTS header after confirming HTTPS is stable.
- Add a Content-Security-Policy header.
- Add X-Frame-Options or use CSP frame-ancestors to reduce clickjacking risk.
- Add X-Content-Type-Options: nosniff.
- Add a Referrer-Policy header that matches the privacy needs of the site.
- Add a Permissions-Policy header to restrict unused browser features.
Hosting score details
Hosting score 95/100
- Main reason: Hosting address and reachability signals are available.
- The score is lower because one or more important checks need attention.
Passed
- IPv4 Reachability: IPv4 address records found
- IPv6 Reachability: IPv6 address records found
Lowered by
- Web Server: Server software could not be identified
Technology score details
Technology score 100/100
- Main reason: Detected website software is informational and does not mean the domain is broken.
- No important weakness was found in this score group.
Passed
- Technology Fingerprints: 1 technology fingerprint(s) detected
Improvements
- No immediate action is needed for this category based on the current checks.