Is this a penetration test?
No. This is public-signal review only.
Free Domain Risk Check
Check your domain's public security signals.
Run a public-signal check for website reachability, TLS, email authentication, and common website security-header signals. No login, credential testing, exploit testing, or port scanning.
Public DNS lookups
One HTTPS HEAD request
No login or exploit testing
Public-signal only. We perform DNS lookups for SPF, DMARC, and MX, plus one HTTPS HEAD request to read security headers and verify TLS. No login attempts. No exploit testing. No port scanning. No credential testing. No data submitted to the scanned domain except a basic website request where applicable.
How to read your result
The score is not a security verdict. It shows how many basic public-facing controls were visible during the scan. Missing or unknown items usually mean something should be reviewed, not that there is a confirmed compromise.
Present
the signal was observed publicly
Missing
the signal was not observed publicly
Unknown
the signal could not be checked, often because DNS or website reachability failed
Common questions
Will this affect my website?
No. The scan uses public DNS lookups and a basic website request where applicable.
Why do I need a Snapshot if the scan is free?
The free scan shows what appears missing. The Snapshot gives the exact checklist after context is confirmed.