~/d/gitlab.com
// gitlab.com
Live audit across 8 checks. Cached 24h · generated less than a minute ago.
domain_grade
B
good
77
/ 100 · across 8 checks
// points lost on:
security headers −12
ssl −8
dnssec −3
SSL Certificate
[ WARN ]
Expires in 20 days. Schedule renewal.
Issued by Sectigo RSA Domain Validation Secure Server CA · 20 days left · TLSv1.3
DMARC Policy
[ OK ]
Strict DMARC policy enforced. Spoofed mail is rejected.
v=DMARC1; p=reject; pct=100
SPF Record
[ OK ]
Strict SPF (-all). Unauthorized senders are rejected.
8 lookups · all=-all
MX Records
[ OK ]
MX configured. Detected provider: Google Workspace.
1 aspmx.l.google.com · 5 alt1.aspmx.l.google.com · 5 alt2.aspmx.l.google.com
Name Servers
[ OK ]
2 authoritative nameservers
diva.ns.cloudflare.com · jermaine.ns.cloudflare.com
Security Headers
[ CRIT ]
Weak security posture (17/100) — missing: CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy
Score 17/100
[ embed_grade_badge ]
Domain grade: B — good
markdown (github readme)
[](https://dombrains.com/d/gitlab.com)
html (any webpage)
<a href="https://dombrains.com/d/gitlab.com"><img src="https://dombrains.com/badge/gitlab.com/grade.svg" alt="DomBrains grade: B"></a>
// re-queries our scoring engine · cached 1h at the edge · backlinks to this profile page
[ per_check_badges ]
<img src="https://dombrains.com/badge/gitlab.com/ssl">
<img src="https://dombrains.com/badge/gitlab.com/dmarc">
<img src="https://dombrains.com/badge/gitlab.com/spf">
<img src="https://dombrains.com/badge/gitlab.com/mx">
<img src="https://dombrains.com/badge/gitlab.com/dnssec">
<img src="https://dombrains.com/badge/gitlab.com/security_headers">