Live website report

Website Exposure Scanner

Check what your public website exposes through HTTPS, redirects, security headers, DNS records, IPv6, and basic CDN/origin signals.

Use this as a first-pass website exposure estimate: what is visible, what is normal, what needs review, and what to fix first.

Run website scan Open Public Exposure Report

Result first Top issues next Technical details below

Safe Copy is available after the scan. It keeps issues and fixes while avoiding raw headers, exact sensitive values, oversized payloads, credentials, cookies, and tokens. See Safe Copy model.

Diagnosis first

Website Exposure Estimate

Run a scan to see website exposure results.

Website Exposure Estimate Ready No scan has run yet.

Enter one public domain or URL to check DNS, HTTPS, redirects, headers, HSTS, mixed content, IPv6 DNS, and basic CDN/origin signals.

Share the safe version from this result. Safe Copy keeps the website diagnosis and recommended fixes, while raw response details stay out of support tickets by default.

Copy safely Safe Copy

Top risks second

Top Issues

Maximum five issues, prioritized by severity.

Run a scan to see top issues.

Results appear in plain language before raw details.

Fixes third

Recommended Fixes

Actions are written for website, DNS, CDN, and hosting owners.

Technical details last

Connected Checks

Collapsed by default. Long values stay inside contained blocks.

How to read it

What the scanner checks

Public signals only, no account and no monitoring.

Transport and redirects

HTTPS availability, HTTP to HTTPS upgrade behavior, limited redirect chain, final status, and final host context.

Headers and browser protections

HSTS, Content-Security-Policy, frame protection, nosniff, referrer policy, permissions policy, and selected response metadata.

DNS and domain policy

A, AAAA, CNAME, NS, CAA, and limited DNSSEC DS/DNSKEY signals from a recursive DNS-over-HTTPS resolver.

Website exposure clues

Static mixed-content references, IPv6 DNS visibility, and cautious CDN/origin indicators without claiming origin IP proof.

Visible limits

Limitations

Clear boundaries keep the report honest.

This is an exposure estimate based on public DNS and HTTP/HTTPS signals. It is not a vulnerability scan, penetration test, malware scan, uptime monitor, or guarantee of security.

TLS certificate details may be limited by the runtime.
DNSSEC detection is a limited signal unless full validation is available.
Missing advanced security headers do not automatically mean the site is compromised.
Mixed-content detection is based on static HTML and may miss JavaScript-loaded resources.
CDN/origin exposure detection is best-effort and not proof of origin leakage.

Share safely

Copy Report

Safe copy keeps issue summaries and recommended fixes, but avoids raw headers and exact sensitive values.

Use safe copy before pasting a report into a ticket, chat, or vendor support request.

Monitoring beta (optional)

Website change history is available for beta review

Monitoring will compare website exposure history for SSL, HTTPS, redirects, HSTS, CSP, security headers, CAA, DNSSEC, mixed content, and hosting/CDN signal changes.

SSL and HTTPS regressions
HSTS or CSP removed
Redirect/final URL changes
CAA and DNSSEC signal changes

Review monitoring beta Run full report

Focused follow-up

Open a focused tool when one signal needs deeper review.

Public Exposure Report Domain Intelligence Report AI/Search Visibility Scanner Domain Security Scan Email Deliverability Doctor DNS Lookup Security Headers Checker SSL Certificate Checker Redirect Checker IP Blacklist Checker ASN Lookup

Website Exposure Checklist

From free website scan to careful change review

Use the free one-time scan first. Monitoring beta interest is only for approved public targets after the owner confirms scope.

SSL expiry/regressionReview certificate expiration, HTTPS availability, and TLS/HTTPS changes.

Security headers changedTrack HSTS, CSP, frame, nosniff, referrer, and permissions-policy changes.

robots/sitemap changedCompare robots.txt access, sitemap status, canonical/noindex, metadata, and structured data signals.

Client-safe copyShare issue summaries and fixes without raw headers, cookies, credentials, or tokens.

Run free website scan Review monitoring beta

One-time scans are free. Monitoring beta is optional, requires approved public targets, and does not mean public signup, automatic alerts, billing, or dashboards are live. See How We Make Money and the Affiliate Disclosure.

B2B diagnostic report model

Website and domain diagnostics

Public website checks connect HTTPS/SSL, redirects, headers, DNS, robots/sitemap, canonical/noindex, structured data, and social preview signals.

SummaryStart with a plain-language status for the public target.

Top issuesPrioritize the few findings that need attention first.

What passedShow expected public signals without turning them into a certification.

What needs reviewSeparate limited, unavailable, and review-worthy signals.

Why it mattersExplain the business, delivery, crawl, or implementation impact.

Recommended fixesPoint to the DNS, hosting, email, CMS, or SEO owner who can act.

What this tool cannot checkThis is not a vulnerability scan, penetration test, malware scan, uptime monitor, or full security audit.

Client-safe copyClient-safe copy should keep issue summaries and recommended fixes while avoiding raw headers, cookies, tokens, credentials, and oversized payloads.

Monitoring beta (optional)Optional monitoring beta can track public changes in SSL, redirects, headers, DNS, robots/sitemap, canonical/noindex, and metadata after a target is approved.

Client-safe report

Share findings without leaking raw technical material

Use Safe Copy or this page's summary when sending results to a client, vendor, developer, or support team. Raw headers, credentials, tokens, cookies, private addresses, email local-parts, and oversized payloads should stay out of client-facing copy.

Review Safe Copy Review monitoring beta

FAQ