Summary of blog.softwing.de [Desktop version] Website Security Test
Provided "as is" without any warranty of any kind.
Date/Time:Oct 21st, 2025 19:43 GMT+0
Server IP:217.160.0.248
Reverse DNS:217-160-0-248.elastic-ssl.ui-r.com
Location:Kassel, Germany
Version:for desktop
Your final score:
- A
- B
- C
- F
A+
This test was made 163 days ago and may be outdated
Refresh Test
It appears that system is not responding or blocking software fingerprinting attempts, performed from the following IP ranges: 192.175.111.224/27, 64.15.129.96/27, 70.38.27.240/28, 72.55.136.144/28. Please whitelist them for successful continuation of the test.
Misconfiguration or weakness
Executive Summary for blog.softwing.de
- 15 third-party web software dependancies were identified, including 3 outdated dependancies. No known vulnerabilities were detected. 5 identified third-party web software dependancies have unknown versions. The CMS (WordPress) was identified, however, its version could not be determined. The following CMS components, JS-libraries or frameworks were identified: core-js, Burst Statistics, jquery-migrate, and others. Software fingerprinting may be restricted by the system, so the results could be incomplete. Show details.
- No obvious GDPR-related compliance issues were detected across Privacy Policy, Website Security, TLS Encryption, Cookie Protection, Cookie Disclaimer. Website Security check may be incomplete due to a scanning timeout. Show details.
- No obvious PCI DSS compliance issues were detected for Requirements 6.3 and 6.4. Show details.
- Issues were identified with key security header misconfigured Content-Security-Policy. Optional HTTP headers appear to be properly configured: Server, X-Powered-By, Access-Control-Allow-Origin, Permissions-Policy, Referrer-Policy, Cache-Control, X-Permitted-Cross-Domain-Policies, Cross-Origin-Resource-Policy (CORP), Cross-Origin-Opener-Policy (COOP), Cross-Origin-Embedder-Policy (COEP). Deprecated HTTP headers detected: X-XSS-Protection. Show details.
- Content-Security-Policy is enforced but configuration issues were identified: directive errors, overly permissive directives, deprecated directives. A report-only Content-Security-Policy is not present. Show details.
- No cookies were detected. Show details.
- 6 external requests detected; all requests completed successfully. SRI is not used for 2 third-party JavaScript and CSS files. Show details.
- 1 robots.txt rule and 1 bot protection mechanism detected. No protection detected via User-Agent blocks or meta restrictions. Show details.
- DNS A record detected; DNSSEC signatures are present and fully validated. Show details.
