What does the internet
already know about your risk?
Get an instant external attack surface grade for any domain. We check DNS, email spoofing protection, TLS, security headers, and exposed services β using only public data.
No login required. Passive assessment β we never send intrusive traffic to your systems.
What we grade
Five categories that determine how exposed a domain looks from the outside.
TLS & HTTPS
Whether the site enforces HTTPS, redirects plaintext, and protects against downgrade attacks.
Email spoofing
SPF and DMARC records that stop attackers from sending mail as your domain.
Security headers
HSTS, CSP, and related headers that harden the browser against common attacks.
Exposure
Open ports, known CVEs, and forgotten subdomains discovered from public sources.
DNS hygiene
Resolvability, CAA records, and configuration that reduces the risk of hijack or mis-issuance.
Continuous monitoring
Upgrade to re-scan on a schedule and get alerted the moment your grade drops.
Recently scanned
A live sample of domains graded on the platform.
98/100
Know your grade before an attacker does
Run a free scan now, then create an account to track changes over time.
Scan a domain β