Scan results
cloudfare.com
5/2/2026, 8:12:22 PM
82/ 100
Risk score
Good
Issues to address (2)
HTTPS reachability
web
Could not fetch the site over HTTPS to inspect security headers.
Fix: Ensure the site is served over HTTPS and reachable from the public internet.
CAA records
dns
No CAA records published. CAA records restrict which Certificate Authorities can issue certificates for your domain, reducing the risk of mis-issuance.
Fix: Publish CAA records naming the CAs you use, e.g. "0 issue \"letsencrypt.org\"" and "0 issue \"digicert.com\"".
Passed checks (8)
Port scan summary
ports
Checked 12 common ports on 104.21.77.216. Open: 80/HTTP, 443/HTTPS.
SPF record
email
SPF record is present and uses an enforcing policy.
DMARC policy
email
DMARC is published with a strict reject policy.
DKIM detection
email
DKIM key detected at selector(s): s1, google, k1, selector1, s2, mail, selector2, default.
MX records
email
MX records present (4). Mail will be routed to mailstream-canary.mxrecord.io.
Nameserver redundancy
dns
2 nameservers configured.
TLS certificate
tls
Valid certificate issued by WE1, expires in 33 days. Protocol: TLSv1.3.
HTTP → HTTPS redirect
web
HTTP requests redirect to HTTPS.