← new scan
~/scans/media.xquik.com.report
⇣ export pdf
target media.xquik.com
resolved172.67.195.116
scanned 2026-07-18 10:01:28
modules 7 of 7 completed
// overall risk
MEDIUM Risk
8 issues across 7 modules — 2 medium, 6 low
0 critical
0 high
2 medium
6 low
0 ok
01
WHOIS & DNS
DNS records retrieved — SPF & DMARC present
· LOW
// whois
registrar Cloudflare, Inc.
created 2026-02-19
expires 2027-02-19
updated 2026-06-06
nameserver gabe.ns.cloudflare.com
nameserver lauryn.ns.cloudflare.com
status client transfer prohibited
// dns records
A 104.21.84.178
A 172.67.195.116
AAAA 2606:4700:3037::6815:54b2
AAAA 2606:4700:3033::ac43:c374
www A 172.67.195.116
www A 104.21.84.178
www AAAA 2606:4700:3037::6815:54b2
www AAAA 2606:4700:3033::ac43:c374
MX 10 inbound-smtp.eu-west-1.amazonaws.com
NS GABE.NS.CLOUDFLARE.COM
NS LAURYN.NS.CLOUDFLARE.COM
// ip whois (2)
104.21.84.178 SSL unavailable for this endpoint, order a key at https://members.ip-api.com/ whois ↗
172.67.195.116 SSL unavailable for this endpoint, order a key at https://members.ip-api.com/ whois ↗
// email security
// txt records (5)
txt.01 yandex-verification: 46a7550a9dcd1c77
txt.02 google-site-verification=smTKuZE2yyONGA-NvRTTHUuLaTdi6EIEcN9c0wcSgKY
txt.03 n7tquwapk6
txt.04 openai-domain-verification=dv-YTJAgz6miDFiU2iSOFP55fEl
txt.05 v=MCPv1; k=ed25519; p=Jb7XrBpKa/+b7V/zXtKIPkUt7tYA35GcUXZxQVQ9Rjg=
// findings (6)
  • ok SPF record present
  • ok DMARC record present
  • ok 1 MX record(s) configured
  • · low No CAA records — any certificate authority can issue certs for this domain
  • · low No MTA-STS DNS record at _mta-sts — inbound mail can be downgraded
  • · low No TLS-RPT record at _smtp._tls — no visibility into TLS delivery failures
02
SSL / TLS Certificate
Valid certificate, expires in 59 days — TLSv1.3
· LOW
// raw output
issuer YE2
subject xquik.com
valid from Jun 17 15:19:25 2026 UTC
valid to Sep 15 15:19:24 2026 UTC
tls version TLSv1.3
// findings (3)
  • · low Certificate renews in 59 days — check auto-renewal
  • ok TLS 1.3 in use — best available protocol
  • ok HTTP redirects to HTTPS in 1 hop(s)
03
CMS Detection
No CMS detected
OK
// raw output
cms none detected
// findings (1)
  • ok No known CMS fingerprint found
04
Security Headers
2 of 7 headers missing
MEDIUM
// raw output
HSTS ok (max-age=31536000; includeSubDomains; pre)
CSP ok (default-src 'none'; base-uri 'none'; fra)
X-Frame-Options ok (DENY)
X-Content-Type-Options ok (nosniff)
Referrer-Policy ok (strict-origin-when-cross-origin)
Permissions-Policy MISSING
Cross-Origin-Opener MISSING
// findings (9)
  • medium Permissions-Policy missing — browser features not restricted
  • · low Cross-Origin-Opener-Policy not set
  • ok Referrer-Policy is configured
  • ok X-Frame-Options is configured
  • ok X-Content-Type-Options is configured
  • ok Content-Security-Policy is configured
  • ok Strict-Transport-Security is configured
  • medium CSP weakness — no object-src — should be set to 'none'
  • · low No /.well-known/security.txt — researchers cannot find a contact for vulnerability reports
05
Raw HTTP Headers
HTTP/3 · 20 headers · cloudflare
OK
// detected
Cloudflare Site is fronted by Cloudflare — WAF, DDoS protection and CDN caching active
HTTP/3 HTTP/3 (QUIC) in use — fastest available protocol, low latency and connection migration
GZIP compression Response is GZIP-compressed — reduces bandwidth usage
// raw headers (20)
status HTTP/3 403
nel {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
date Sat, 18 Jul 2026 10:01:25 GMT
vary Accept-Encoding
cf-ray a1d0a51bcef10f1d-ORD
server cloudflare
alt-svc h3=":443"; ma=86400
report-to {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare…
content-type application/xml
x-robots-tag noindex, nofollow
x-debug-bucket xquik
cf-cache-status DYNAMIC
referrer-policy strict-origin-when-cross-origin
x-frame-options DENY
content-encoding gzip
x-content-type-options nosniff
content-security-policy default-src 'none'; base-uri 'none'; frame-ancestors 'none'
strict-transport-security max-age=31536000; includeSubDomains; preload
access-control-allow-origin *
access-control-allow-methods GET, HEAD, OPTIONS
// findings (3)
  • ok Cloudflare detected (WAF + CDN)
  • ok HTTP/3 enabled — best available
  • ok GZIP compression active
06
External JS Libraries
No external JS libraries detected
OK
// raw output
external scripts 0 detected
// findings (1)
  • ok No third-party JavaScript files loaded
07
Malware & Blocklists
Clean — not present on any monitored blocklist
OK
// raw output
Google Safe Browsing clean
VirusTotal clean
injected scripts 0 detected
malware patterns 0 matches
// findings (3)
  • ok Google Safe Browsing — clean
  • ok VirusTotal — clean
  • ok No malware signatures found across monitored blocklists
// end of report · media.xquik.com · 2026-07-18 10:01:28 ↻ scan again