Guest session
Check Detail

vologdascan.ru · DNS

Passed Grade A
100.0%
Hostname vologdascan.ru
Check name DNS
last run 30/06/2026 08:00
Result
Incomplete Grade C 70.5%

Result Detail

DNS
Host Type Answer TTL
188.120.229.39

Result Detail

HEADER
Alerts
  • Strict-Transport-Security: Strict-Transport-Security missing
  • Content-Security-Policy: Content-Security-Policy missing
  • X-Content-Type-Options: Header missing
  • X-Frame-Options: Header missing
  • Referrer-Policy: Header missing
  • Permissions-Policy: Permissions-Policy missing
  • Cross-Origin-Opener-Policy: Header missing
  • Cross-Origin-Embedder-Policy: Header missing
  • Cross-Origin-Resource-Policy: Header missing
  • Cache-Control: Cache-Control missing restrictive directives
  • Expect-CT: Expect-CT missing
  • X-Permitted-Cross-Domain-Policies: Header missing
  • Access-Control-Allow-Origin: Access-Control-Allow-Origin missing
  • Server: Sensitive header exposed
  • Origin-Agent-Cluster: Header missing
Normalized headers
server nginx
date Tue, 30 Jun 2026 06:00:36 GMT
content-type text/html
content-length 47985
last-modified Thu, 28 May 2026 09:00:37 GMT
vary Accept-Encoding
etag "6a180435-bb71"
accept-ranges bytes
Transport
Check name Status Actual Expected Detail Severity Recommendation
Strict-Transport-Security ❌ Missing max-age>=15768000; includeSubDomains; preload Strict-Transport-Security missing Critical Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Expect-CT ❌ Missing enforce; max-age>=86400 Expect-CT missing Medium Expect-CT: enforce, max-age=86400, report-uri="https://report.example.com"
Content Security
Check name Status Actual Expected Detail Severity Recommendation
Content-Security-Policy ❌ Missing default-src 'self'; frame-ancestors 'none' Content-Security-Policy missing Critical Content-Security-Policy: default-src 'self'; frame-ancestors 'none'
MIME
Check name Status Actual Expected Detail Severity Recommendation
X-Content-Type-Options ❌ Missing nosniff Header missing High X-Content-Type-Options: nosniff
Framing
Check name Status Actual Expected Detail Severity Recommendation
X-Frame-Options ❌ Missing DENY or SAMEORIGIN Header missing High X-Frame-Options: DENY
Privacy
Check name Status Actual Expected Detail Severity Recommendation
Referrer-Policy ❌ Missing strict-origin-when-cross-origin / same-origin Header missing Medium Referrer-Policy: strict-origin-when-cross-origin
Browser Features
Check name Status Actual Expected Detail Severity Recommendation
Permissions-Policy ❌ Missing camera=(); geolocation=(); microphone=() Permissions-Policy missing Medium Permissions-Policy: camera=(), geolocation=(), microphone=()
Cross-Origin
Check name Status Actual Expected Detail Severity Recommendation
Cross-Origin-Opener-Policy ❌ Missing same-origin Header missing High Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Embedder-Policy ❌ Missing require-corp Header missing High Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Resource-Policy ❌ Missing same-origin Header missing Medium Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster ❌ Missing ?1 Header missing Low Origin-Agent-Cluster: ?1
Caching
Check name Status Actual Expected Detail Severity Recommendation
Cache-Control ❌ Missing no-store, private, max-age=0 Cache-Control missing restrictive directives High Cache-Control: no-store, private, max-age=0
Legacy
Check name Status Actual Expected Detail Severity Recommendation
X-Permitted-Cross-Domain-Policies ❌ Missing none Header missing Low X-Permitted-Cross-Domain-Policies: none
CORS
Check name Status Actual Expected Detail Severity Recommendation
Access-Control-Allow-Origin ❌ Missing Scoped origin (no wildcard) Access-Control-Allow-Origin missing Medium Access-Control-Allow-Origin: https://app.example.com
Information Disclosure
Check name Status Actual Expected Detail Severity Recommendation
Server ❌ Missing nginx Header removed or generic Sensitive header exposed High Remove Server header or set to a generic token
X-Powered-By ✅ Passed Header removed Header not exposed High Remove X-Powered-By header
X-AspNet-Version ✅ Passed Header removed Header not exposed Medium Remove framework version headers
Raw headers
HTTP/2 200 
server: nginx
date: Tue, 30 Jun 2026 06:00:36 GMT
content-type: text/html
content-length: 47985
last-modified: Thu, 28 May 2026 09:00:37 GMT
vary: Accept-Encoding
etag: "6a180435-bb71"
accept-ranges: bytes

Result Detail

SSL
Check name Status Value
certificate chain is complete ✅ Passed 4
root CA is trusted ✅ Passed Trusted
cert valid for ✅ Passed 76
chain certs are valid until ✅ Passed 14.09.2026
CN matches Domainname ✅ Passed vologdascan.ru
certificate subject ✅ Passed CN=vologdascan.ru
certificate issuer ✅ Passed C=US, O=Let's Encrypt, CN=YR2
signature algorithm ✅ Passed RSA-SHA256
TLS protocol ✅ Passed TLSv1.3 TLS_AES_256_GCM_SHA384
Subject Alternative Names ✅ Passed vologdascan.ru, www.vologdascan.ru
Public Key ✅ Passed RSA 2048
Certificate chain
# Common name Issuer Valid until CA
0 vologdascan.ru C=US, O=Let's Encrypt, CN=YR2 14.09.2026 08:37:19 No
1 vologdascan.ru C=US, O=Let's Encrypt, CN=YR2 14.09.2026 08:37:19 No
2 YR2 C=US, O=ISRG, CN=Root YR 03.09.2028 01:59:59 Yes
3 Root YR C=US, O=Internet Security Research Group, CN=ISRG Root X1 03.09.2032 01:59:59 Yes
TLS details
Negotiated protocol TLSv1.3
Cipher suite TLS_AES_256_GCM_SHA384 (256 bit)
Cipher version TLSv1.3
Perfect Forward Secrecy Attention
Earliest chain expiry 14.09.2026 08:37
Fingerprints
SHA-256 99:46:A6:D5:01:B3:2E:85:15:1B:59:87:3F:64:9A:E0:1F:39:7D:B3:CB:AA:5A:4E:1D:E2:71:DB:C4:4A:18:60
SHA-1 94:A8:98:9F:E3:A4:1C:55:89:C9:F0:3D:3F:7D:55:6A:8B:58:7D:AD
Revocation
OCSP URLs
CRL URLs
Full Name: URI:http://yr2.c.lencr.org/59.crl
Issuer URLs (AIA)
http://yr2.i.lencr.org/
OCSP Must-Staple No
Trust evaluation

Attempted: Yes

Trusted: Yes

OpenSSL diagnostic command
openssl s_client -connect vologdascan.ru:443 -servername vologdascan.ru

Result Detail

WAF
Sign up to use!
Ownership verification required

Real WAF results become available after signing up. Until then we show you a small teaser from the imagination department.

  • Shield level Mythisch
  • Watchers Gremlins im Standby
  • Last attack Story folgt nach Registrierung