~/d/hsbc.co.uk

// hsbc.co.uk

Live audit across 8 checks. Cached 24h · generated less than a minute ago.

domain_grade
A
strong
87
/ 100 · across 8 checks
// points lost on:
spf −5 security headers −5 dnssec −3
[ save & monitor ]
SSL Certificate
[ OK ]
Valid for 208 more days.
Issued by DigiCert EV RSA CA G2 · 208 days left · TLSv1.3
→ open SSL Certificate tool
DMARC Policy
[ OK ]
Strict DMARC policy enforced. Spoofed mail is rejected.
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:[email protected]; ruf=mailto:[email protected]
→ open DMARC Policy tool
SPF Record
[ WARN ]
Soft fail (~all). Unauthorized senders flagged but not rejected. Consider -all for stronger protection.
1 lookups · all=~all
→ open SPF Record tool
MX Records
[ OK ]
MX configured (2 record(s)).
10 mxb-00299f02.gslb.pphosted.com · 10 mxa-00299f02.gslb.pphosted.com
→ open MX Records tool
Name Servers
[ OK ]
6 authoritative nameservers
ns20.hsbc.net · ns20.hsbc.uk · ns21.hsbc.net
WHOIS
[ OK ]
Valid for 581 more days.
Registrar: Markmonitor Inc. · expires 2027-11-23
→ open WHOIS tool
Security Headers
[ WARN ]
Decent but improvable (57/100) — missing: Referrer-Policy, Permissions-Policy · weak: content-security-policy
Score 57/100
→ open Security Headers tool
DNSSEC
[ WARN ]
No DNSSEC — domain is not signed.
Not signed
→ open DNSSEC tool
[ embed_grade_badge ]
grade badge
Domain grade: A — strong
markdown (github readme)
[![DomBrains grade](https://dombrains.com/badge/hsbc.co.uk/grade.svg)](https://dombrains.com/d/hsbc.co.uk)
html (any webpage)
<a href="https://dombrains.com/d/hsbc.co.uk"><img src="https://dombrains.com/badge/hsbc.co.uk/grade.svg" alt="DomBrains grade: A"></a>
// re-queries our scoring engine · cached 1h at the edge · backlinks to this profile page
[ per_check_badges ]
ssl badge <img src="https://dombrains.com/badge/hsbc.co.uk/ssl">
dmarc badge <img src="https://dombrains.com/badge/hsbc.co.uk/dmarc">
spf badge <img src="https://dombrains.com/badge/hsbc.co.uk/spf">
mx badge <img src="https://dombrains.com/badge/hsbc.co.uk/mx">
dnssec badge <img src="https://dombrains.com/badge/hsbc.co.uk/dnssec">
security_headers badge <img src="https://dombrains.com/badge/hsbc.co.uk/security_headers">
// Snapshot freshness: this page is cached 24h. To force a re-scan, run any tool above with the same domain — that always queries live.