The whois name servers are not the same as the name servers from a dns query.
Whois return: ns3-l2.nic.ru., ns4-cloud.nic.ru., ns4-l2.nic.ru., ns8-cloud.nic.ru., ns8-l2.nic.ru.
DNS tree return: ns3-l2.nic.ru, ns4-cloud.nic.ru, ns4-l2.nic.ru, ns8-cloud.nic.ru, ns8-l2.nic.ru
Host has no "AAAA" (IPv6) field.
The https port is close while there is a website.
Version 2.4.10 has been found.
The Secure flag was not found.
The X-XSS-Protection header was not found.
The X-Content-Type-Options header was not found.
The Content-Security-Policy header was not found.
www.listock.ru was detected as host
Passed
The Bind version should not be visible otherwise it will be possible to search for potential security vulnerabilities of the version.
0.367s
Passed
In order for the availability rate of DNS servers to be at its highest, it is vital and recommended by the RFC to have at least 2 servers.
RFC0.000s
Passed
Every DNS servers should be accessible and accept public query.
0.010s
Passed
It's important that all servers returned a "success" code.
0.009s
Passed
Passed
IPs for DNS servers must be different in order to have high availability.
0.000s
Passed
The class C of each IP must be different so that the servers are not found on the same bay and therefore there is a risk of unavailability.
RFC0.001s
Passed
The SOA answered by the DNS servers must be identical for each servers. The most important information is the master server and the contact email address.
0.000s
Passed
Passed
Passed
Passed
DNS resolvers that allow queries from all IP addresses and are exposed to the Internet can be attacked and used to conduct Denial of Service (DoS) attacks on behalf of the hacker.
0.366s
Passed
An attacker can use a zone transfer that contains a malicious code or an inappropriate format that crashes a DNS server vulnerable to this type of attack, which results in a DoS that destabilizes the DNS services. It is possible to test it manually with this commands: #host -T axfr or #dig axfr.
documentation1.503s
Passed
Having a dns server that allow recursive queries is a security risk, DDOS attack can be performed.
RFC documentation documentation0.363s
Passed
Passed
It is extremely important that each DNS return the same MX records in order to avoid contacting an SMTP server that no longer exists.
0.367s
Skipped
The synchronization of the DNS servers must be perfect in order to avoid any dns resolution error. The servers must therefore give the same answer when asked "what are the DNS servers for the domain?".
0.000s
The whois name servers are not the same as the name servers from a dns query.
Whois return: ns3-l2.nic.ru., ns4-cloud.nic.ru., ns4-l2.nic.ru., ns8-cloud.nic.ru., ns8-l2.nic.ru.
DNS tree return: ns3-l2.nic.ru, ns4-cloud.nic.ru, ns4-l2.nic.ru, ns8-cloud.nic.ru, ns8-l2.nic.ru
The dns servers given in the domain whois must be the same as those returned by a dns resolution request.
0.000s
Passed
A domain must not be blacklisted or it will be penalized for referencing and deliverability of emails.
0.000s
Passed
Google safe browsing categorizes a domain as bad if something suspicious is detected.
0.000s
Passed
Virus Total analyze your domain or IP address with 66 antivirus.
0.000s
Passed
Web Of Trust rates thousands of websites and find threats if they exist.
0.000s
There is no mail server. Please test listock.ru.
Autodiscover not configured
Passed
When a sending server makes a connection to the recipient server, the recipient server notes the sending IP address and performs a reverse lookup, called a PTR lookup, named after the type of DNS record used. If the result of the reverse lookup matches the result of a forward DNS Lookup, then it's much more likely that the message is legitimate. If the IP address doesn't match, it's much more likely that the sending address was spoofed and therefore much more likely that it's unwanted and could be considered spam.
documentation0.000s
Skipped
Smtp servers that are listed in DNS area must be accessible, otherwise, there is a risk that emails may be lost
0.000s
Skipped
Skipped
Skipped
STARTTLS turns an unencrypted connection into a secure connection. Note: You can use a service like altospam to solve this problem. Click on the link below to learn more
0.000s
Skipped
EXPN command is now considered to be a security risk, spammers being able to harvest valid e-mail addresses via each mailing list.
0.000s
Skipped
As the EXPN command, VRFY is used by spammers to verify an address.
0.000s
Skipped
If a server is open relay, there is a risk that spammers use your server to send illegitimate mail.
0.000s
Skipped
Skipped
According to the RFC 5321, SMTP server should accept postmaster@yourDomain as a recipient.
RFC0.000s
Skipped
The banner must return (2xx) a valid (4xx) or temporary code.
0.000s
Skipped
Banner must contain the name of the server
0.000s
Skipped
There is a risk to display the type and the version of the server, because people can find a breach for a specific version and use it
0.000s
Как спасти алтайский язык от деградации и расширить сферы его употребления, дабы его статус соответствовал государственному не только на бумаге, но и на деле? Сей один-единственный вопрос стал предметом обсуждения участников региональной научно-практической конференции «О функционировании государственного алтайского языка на территории Республики Алтай», которая прошла 31 марта 2021 года в большом зале здания правительства региона. Многие из нас составили свое представление о российском правосудии по телевизионным ток-шоу и репортажам с громких судебных процессов с участием известных артистов, чиновников, бессмертного пациента немецкой клинике «Шарите», которых защищает, как правило, кого...
Host has no "AAAA" (IPv6) field.
It is highly recommended to have an IPv6 for the website.
0.000s
The https port is close while there is a website.
This test verifies the presence of a website for the given IP or domain. Then scans port 443.
If the domain or IP is pointing to a website then port 443 must be open so that it can be accessed from a browser.
Otherwise port 443 must be closed.
0.000s
Version 2.4.10 has been found.
To avoid giving details to malicious people, the version of the server should not be visible.
0.000s
The Secure flag was not found.
Using "HttpOnly" instruction prevents someone to access to cookies via Javascript. The secure flag will allow you to prevent a cookie from ever being communicated in simple HTTP. (RFC 6265 section 8.3)
RFC0.000s
The X-XSS-Protection header was not found.
The HTTP X-XSS-Protection response header is a feature of Internet Explorer, Chrome and Safari that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.
documentation0.000s
The X-Content-Type-Options header was not found.
The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions.
RFC0.000s
The Content-Security-Policy header was not found.
The HTTP Content-Security-Policy response header allows web site administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (XSS).
documentation0.000s
Passed
The domain must have an A field in order for the website to be accessible.
0.000s
Passed
This test verifies the presence of a website for the given IP or domain. Then scans port 80.
If the domain or IP is pointing to a website then port 80 must be open so that it can be accessed from a browser.
Otherwise port 80 must be closed.
0.000s
Passed
To avoid giving details to malicious people, the technology that supports the application should not be visible.
0.000s
Skipped
WWW host is not required for a website, but it's better to have one.
0.000s
Skipped
If you configure a WWW host for your website, it is recommended to have an IPv6.
0.000s
