Structure of Results
Each technical analysis generates a set of metadata grouped by category. These indicators help understand the strengths and weaknesses of a domain or scanned service. Categories include:- Technical Hygiene
- Network Exposure
- Reputation & Threats
- Public Data
- Vulnerabilities
- URL / Domain
- AI / Technical Scores
Technical Hygiene
| Key | Description |
|---|---|
| TLS_strength | Quality of TLS/SSL encryption (e.g., TLS 1.3 = strong, TLS 1.0 = weak) |
| TLS_expiry_days | Number of days before SSL certificate expiration |
| cert_self_signed | Indicates whether the certificate is self-signed (not issued by a trusted CA) |
| cert_cn | Common Name of the certificate, usually matching the domain name |
| san_count | Number of Subject Alternative Names included in the certificate |
| CSP_completeness | Coverage level of the Content Security Policy (CSP) |
| Security_headers_count | Number of security-related HTTP headers detected |
| CSRF_protection | Indicates whether CSRF protection is enabled |
| Secure_cookie_flag | Whether cookies are marked as Secure |
| CSP_header, HSTS_header, X_Frame_Options | Binary indicators for the presence of key HTTP headers |
Network Exposure
| Key | Description |
|---|---|
| Nb_ports_open | Number of open TCP ports detected |
| Risky_service_detected | Indicates the presence of sensitive or risky services (e.g., SSH, FTP, Telnet) |
| GeoIP_risk | Geographic risk associated with the IP address |
| Hosting_type | Hosting type (cloud, shared, dedicated, etc.) |
Reputation & Threats
| Key | Description |
|---|---|
| Blacklist_hits | Number of blacklists in which the domain appears |
| Nb_credential_leaks | Number of credential leaks associated with the domain |
| Presence_databreach | Whether the domain appears in known data breach databases |
| Oldest_breach_year | Year of the oldest detected breach |
| Darkweb_mentions | Number of mentions found on dark web sources |
| Tracker_detected / Tracker_found | Presence and types of trackers found on the site (ads, analytics, etc.) |
Public Data
| Key | Description |
|---|---|
| Metadata_exposure | Sensitive information exposed publicly |
| Metadata_score | Severity score of exposed information |
| Nb_insecure_cookies | Number of insecure cookies detected |
| Nb_headers_exposed | Number of HTTP headers exposing sensitive data |
| Nb_ssl_issues | Number of SSL-related issues identified |
| Domain_age_days | Age of the domain in days |
| WHOIS_privacy | Whether WHOIS privacy is enabled for the domain |
Vulnerabilities
| Key | Description |
|---|---|
| site_cpes | List of detected products or software identified by CPE |
| Nb_CVE_open | Number of known unpatched vulnerabilities (CVEs) |
| Max_CVE_severity | Highest severity level among detected CVEs |
| Exploit_available | Indicates whether a public exploit exists for a detected vulnerability |
URL / Domain
| Key | Description |
|---|---|
| domain_len | Length of the domain name |
| subdomain_depth | Depth of subdomains detected |
| has_idn | Indicates the use of internationalized domain names (IDN) |
| url | Full analyzed URL |
| label | Optional label provided from input data (e.g., CSV import) |
AI / Technical Scores
| Key | Description |
|---|---|
| score_ml | Score generated by the Machine Learning model |
| score_dl | Score generated by the Deep Learning model |
| score_ai | Global AI score (combining ML and DL outputs) |
| score_tech | Technical score computed from scanners and indicators |