Scan complete · 1 May 2026
Website Health Check
A
91 / 100
realestate.com.au
https://www.realestate.com.au/
1.5s scan time
14 checks performed
A
Excellent
HTTPS & TLS
A+100%
All passingServer Security
B72%
Needs workContent Security
A+100%
All passingEmail Security
B77%
Needs workHTTPS & TLS
A+100%
SSL Certificate
Valid SSL certificate from DigiCert Inc - DigiCert Global G3 TLS ECC SHA384 2020 CA1, expires in 197 days. Learn more
5/5
TLS 1.2 Support
TLS 1.2 is supported. Learn more
10/10
TLS 1.3 Support
TLS 1.3 is supported (latest version, best performance). Learn more
5/5
TLS 1.0 Disabled
TLS 1.0 is disabled (deprecated protocol correctly rejected). Learn more
5/5
TLS 1.1 Disabled
TLS 1.1 is disabled (deprecated protocol correctly rejected). Learn more
5/5
Server Security
B72%
Domain Blacklist
Domain is not listed on any of the 3 DNS blacklists checked. Learn more
5/5
Open Redirect
No open redirect vulnerabilities detected via common parameters. Learn more
5/5
Exposed Sensitive Paths
Critical: /.env is publicly accessible (information disclosure risk). Learn more
0/5
security.txt
security.txt found with Contact and Expires fields (RFC 9116 compliant). Learn more
3/3
Content Security
A+100%
Redirect Chain
No redirects detected — URL resolves directly. Learn more
5/5
Email Security
B77%
SPF Record
SPF record found: v=spf1 redirect=realestate.com.au._spf.rea-group.com Learn more
3/3
DMARC Policy
DMARC policy set to "reject" — spoofed emails will be rejected. Learn more
4/4
DKIM Signing
DKIM record found for selectors: selector2, k1. Learn more
3/3
DNSSEC
DNSSEC is not enabled. DNS responses could be spoofed. Learn more
0/3
Recommendations
- 1criticalRestrict access to admin and sensitive paths using IP allowlists or authentication.
- 2lowEnable DNSSEC to protect against DNS spoofing attacks.
This scan checks publicly observable security configuration. It does not test for application-level vulnerabilities, perform penetration testing, or access any private data. Results are informational only.