Website Malware and SEO spam Scanner

Free website malware and SEO spam scanner.

93%
Health

www.example.com

104.20.23.154, 172.66.147.243  ·  Scanned 2026-06-27 19:13:13
0 critical 3 warning 6 good 2 of 3 free scans left
StatusOnline
HTTP status code200
Response time26 ms (Fast)
ProtocolHTTP/2
HTTPS availableYes
Forces HTTPS (redirects http→https)No the insecure http:// version is still reachable
DNS & reachability
Resolves to2 IPv4 · 2 IPv6
IPv6 (AAAA record)Yes
www vs non-wwwBoth work, same canonical
Routing
RedirectsNone (direct)
Content checks
Fake URL handlingCorrect fake URLs return 404
Parked / for-sale pageNot parked
Connection timing breakdown
DNS lookup1 ms
TCP connect1 ms
TLS handshake17 ms
Server processing7 ms
Content transfer0 ms
SSL / TLS Certificate
Certificate presentYes
Trusted & validYes
IssuerSSL Corporation
Issued toexample.com
Also covers (SAN)example.com, *.example.com
Expires2026-08-29 (63 days)
TLS versionTLSv1.3
CipherTLS_AES_256_GCM_SHA384 Strong
Security Headers (0 ok · 5 weak · 1 missing)
HeaderStateDetail
strict-transport-securityMissingHSTS not set — site is vulnerable to SSL stripping and protocol downgrade attacks
content-security-policyMissingNo Content Security Policy — no structural protection against XSS injection
x-frame-optionsMissingX-Frame-Options not set — site may be vulnerable to clickjacking
x-content-type-optionsMissingX-Content-Type-Options not set — browsers may MIME-sniff and execute malicious content
referrer-policyMissingReferrer-Policy not set — full URLs may leak to third parties via the Referer header
permissions-policyMissingPermissions-Policy not set — no restrictions on browser feature access
x-xss-protectionOptionalNot set — fine, this header is deprecated (CSP is the modern replacement)
cross-origin-opener-policyOptionalNot set — recommended for cross-origin isolation, but optional
cross-origin-resource-policyOptionalNot set — recommended to prevent your resources being embedded cross-origin
cross-origin-embedder-policyOptionalNot set — optional; needed only for full cross-origin isolation
set-cookieOptionalNo cookies set in the response (nothing to harden)
serverInfoConsider hiding or genericizing this header

No malware signatures matched. The scanned HTML, scripts and links are clean.

No SEO spam, cloaking, hidden links or pharma injection detected.

DNS Blacklists (0 of 5 blocking)
ServiceStatusResolved
CleanBrowsing Adult BlacklistCleanNOERROR
CleanBrowsing Security BlacklistCleanNOERROR
CloudFlare Family BlacklistCleanNOERROR
Google DNS BlacklistCleanNOERROR
Quad9 Security BlacklistCleanNOERROR
Domain Age & Registration
Domain age30.9 years (11275 days)
Registered1995-08-14
Expires2026-08-13 (46 days)
RegistrarRESERVED-Internet Assigned Numbers Authority
WHOIS privacyNo
  • Domain expires in 46 days — renewal recommended soon
GDPR riskLow
Analytics presentNo
Advertising trackersNo
Session-recording / fingerprintingNo
Privacy policy linkNo
Cookie consent bannerNo
Page HTML size0.5 KB
Server response time26 ms
Compression (gzip/br)Yes
Minified HTMLNo
Browser caching headersNo
Total scripts0
External scripts0
Render-blocking scripts0
Stylesheets0
Images0
  • No browser caching headers detected — repeat visitors re-download all assets

No fingerprintable technologies were detected.

External scripts referenced0
Stylesheets referenced1
IP address(es)104.20.23.154, 172.66.147.243
CountryUnknown
Site categoryCloud Service/Hosting

How this tool works?

This tool will scan your website URLs and look for the presence of malware injected on it. It will also look for SPAM seo and other signs of a compromise. We will check multiple blacklists to verify if any of them has the site listed as malicious.

What do we look for?

Spam SEO
Spam Links
Adult content
Gambling and Pharma injection
Iframe injections
Javascript injections
Malicious ads
Fake-AV redirections