Is dayz-servers.org safe to use as a vendor?

dayz-servers.org scored 75/100 on LynxRadar's security posture assessment. The domain partially meets security requirements with some gaps to address. 8 checks passed, 3 warnings, 3 critical issues across 14 passive checks including TLS, DMARC, security headers, breaches, and CVEs.

Does dayz-servers.org have security headers configured?

dayz-servers.org has 2 of 5 recommended security headers. Present: X-Content-Type-Options, X-Frame-Options. Missing: CSP, Referrer-Policy, Permissions-Policy.

dayz-servers.org Security Report — Grade C (75/100)

Q: What TLS version does dayz-servers.org use?

dayz-servers.org uses TLSv1.3 with TLS_AES_256_GCM_SHA384. TLSv1.3 negotiated with TLS_AES_256_GCM_SHA384 (256-bit). Strong configuration with no deprecated protocols or weak ciphers detected.

Q: Does dayz-servers.org have DMARC configured?

Yes. dayz-servers.org's DMARC policy is set to 'none'. SPF record: yes. Strengths: SPF record present with soft-fail (~all). Issues: DMARC policy is 'none' (monitoring only, no enforcement); No DKIM records found for common selectors (domain may use custom selectors — this is not a confirmed gap).

Q: Does dayz-servers.org have SPF configured?

Yes. SPF record: v=spf1 ip4:141.94.167.11 include:_mailcust.gandi.net include:amazonses.com ~all

Q: Does dayz-servers.org use HSTS?

Yes. HSTS enabled: max-age=15552000s (180 days). includeSubDomains present. Missing preload directive.

Q: Is dayz-servers.org's SSL certificate valid?

Yes. Strengths: Certificate valid, 57 days remaining; Issued by Google Trust Services; 371 certificates logged in CT; Certificates from 6 CAs: "CloudFlare, "Cloudflare, COMODO CA Limited. Note: Wildcard certificate in use (*.domain) — covers all subdomains. Common practice; worth noting that compromise would affect all subdomains.

Q: Does dayz-servers.org have DNSSEC enabled?

Yes. Strengths: 2 nameservers configured (gina.ns.cloudflare.com., hugh.ns.cloudflare.com.); 2 MX records present; DNSSEC enabled; Zone transfers properly restricted.

75/100

dayz-servers.org

May 11, 2026 ·

1 Critical 0+ Warnings 8 Passed

AI Summary

dayz-servers.org scored 75/100, meeting baseline requirements but with 3 findings that require attention. The vendor can proceed with a remediation timeline agreement.

Critical gaps in: DMARC / Email Security, Security Headers, Cookie Security. Positive signals: MX Records & Mail Provider, DNS Configuration, TLS Configuration all passed.

2 action items identified, including 1 critical. The issues are configuration gaps, not architectural problems. A focused remediation effort of 2–5 days could address all findings.

Better than 55% of 2676 companies scanned.

055th pct100

A+

A-

B+

B-

C+

C-

D+

D-

DMARC / Email Security

Security Headers

Cookie Security

MTA-STS & TLS Reporting

DNS CAA Records

security.txt (RFC 9116)

MX Records & Mail Provider

DNS Configuration

TLS Configuration

TLS Protocol Support

Known Breaches

HSTS Header

CVE Exposure

Certificate Hygiene

dayz-servers.org

75/100

0 of 1 fixed

All 1 critical issue marked as fixed

Re-scan to confirm and update your score.

Set up email authentication (DKIM)

1–2 days

Without email authentication, anyone can send emails that appear to come from dayz-servers.org. This is the most common vector for phishing attacks targeting employees and customers. DKIM is not configured.

NIST CSFPR.AC-7

Email authentication is a required access control

ISO 27001A.13.2.1

Information transfer policies require email security controls

HIPAA§164.312(e)

Transmission security for electronic PHI

How to fix this

1Add SPF record to DNS: v=spf1 include:_spf.google.com ~all (adjust for your email provider)

2Configure DKIM signing with your email provider and publish the public key in DNS

3Add DMARC record: v=DMARC1; p=quarantine; rua=mailto:[email protected]

4Monitor DMARC reports for 2–4 weeks, then upgrade policy to p=reject

At a glance

Full data from this scan

TLS Version

TLSv1.3

TLSv1.3 negotiated with TLS_AES_256_GCM_SHA384 (256-bit). Strong configuration with no deprecated protocols or weak ciphers detected.

DMARC Policy

p=none

Strengths: SPF record present with soft-fail (~all). Issues: DMARC policy is 'none' (monitoring only, no enforcement); No DKIM records found for common selectors (domain may use custom selectors — this is not a confirmed gap).

SPF Record

Present

v=spf1 ip4:141.94.167.11 include:_mailcust.gandi.net include:amazonses.com ~all

Security Headers

2/5 present

Missing: CSP, Referrer-Policy, Permissions-Policy

HSTS

Enabled

HSTS enabled: max-age=15552000s (180 days). includeSubDomains present. Missing preload directive.

SSL Certificate

Valid

Strengths: Certificate valid, 57 days remaining; Issued by Google Trust Services; 371 certificates logged in CT; Certificates from 6 CAs: "CloudFlare, "Cloudflare, COMODO CA Limited. Note: Wildcard certificate in use (*.domain) — covers all subdomains. Common practice; worth noting that compromise would affect all subdomains.

DNSSEC

Enabled

Strengths: 2 nameservers configured (gina.ns.cloudflare.com., hugh.ns.cloudflare.com.); 2 MX records present; DNSSEC enabled; Zone transfers properly restricted.

Similar companies

Other domains with comparable security profiles.