~/d/hsbc.com

// hsbc.com

Live audit across 8 checks. Cached 24h · generated less than a minute ago.

domain_grade
A
strong
87
/ 100 · across 8 checks
// points lost on:
spf −5 security headers −5 dnssec −3
[ save & monitor ]
SSL Certificate
[ OK ]
Valid for 293 more days.
Issued by DigiCert EV RSA CA G2 · 293 days left · TLSv1.2
→ open SSL Certificate tool
DMARC Policy
[ OK ]
Strict DMARC policy enforced. Spoofed mail is rejected.
v=DMARC1; p=reject; fo=1; ri=3600; rua=mailto:[email protected]; ruf=mailto:[email protected]
→ open DMARC Policy tool
SPF Record
[ WARN ]
Soft fail (~all). Unauthorized senders flagged but not rejected. Consider -all for stronger protection.
6 lookups · all=~all
→ open SPF Record tool
MX Records
[ OK ]
MX configured (2 record(s)).
10 mxa-00299f02.gslb.pphosted.com · 10 mxb-00299f02.gslb.pphosted.com
→ open MX Records tool
Name Servers
[ OK ]
6 authoritative nameservers
ns20.hsbc.net · ns20.hsbc.uk · ns21.hsbc.net
WHOIS
[ OK ]
Valid for 648 more days.
Registrar: MarkMonitor Inc. · expires 2028-01-29
→ open WHOIS tool
Security Headers
[ WARN ]
Decent but improvable (68/100) — missing: Permissions-Policy · weak: content-security-policy
Score 68/100
→ open Security Headers tool
DNSSEC
[ WARN ]
No DNSSEC — domain is not signed.
Not signed
→ open DNSSEC tool
[ embed_grade_badge ]
grade badge
Domain grade: A — strong
markdown (github readme)
[![DomBrains grade](https://dombrains.com/badge/hsbc.com/grade.svg)](https://dombrains.com/d/hsbc.com)
html (any webpage)
<a href="https://dombrains.com/d/hsbc.com"><img src="https://dombrains.com/badge/hsbc.com/grade.svg" alt="DomBrains grade: A"></a>
// re-queries our scoring engine · cached 1h at the edge · backlinks to this profile page
[ per_check_badges ]
ssl badge <img src="https://dombrains.com/badge/hsbc.com/ssl">
dmarc badge <img src="https://dombrains.com/badge/hsbc.com/dmarc">
spf badge <img src="https://dombrains.com/badge/hsbc.com/spf">
mx badge <img src="https://dombrains.com/badge/hsbc.com/mx">
dnssec badge <img src="https://dombrains.com/badge/hsbc.com/dnssec">
security_headers badge <img src="https://dombrains.com/badge/hsbc.com/security_headers">
// Snapshot freshness: this page is cached 24h. To force a re-scan, run any tool above with the same domain — that always queries live.