Website Security Test of www.cloudflare.com

Test your website and web server for security, privacy, encryption, protection from data scraping, and compliance with GDPR and PCI DSS
Free online tool with PDF report
  • Web Security Vulnerabilities Scan
  • AI Bot Protection Test
  • HTTP Security & Privacy Headers Test
  • DNSSEC Configuration Test
  • GDPR & PCI DSS Compliance Test
  • Content Security Policy (CSP) Test
Free online tool with PDF report
189,055,301 tests performed
Provided "as is" without any warranty of any kind
123
tests
running
28,801
tests
in 24 hours
Tests in 24 Hours
Share this report:

Summary of www.cloudflare.com [Desktop version] Website Security Test

Provided "as is" without any warranty of any kind.
Date/Time:Oct 23rd, 2025 06:47 GMT+0
Server IP:104.16.124.96
Reverse DNS:-
Location:N/AUnknown
Version:for desktop
Your final score:
  • A
  • B
  • C
  • F
A
This test was made 208 days ago and may be outdated
Refresh Test

Executive Summary for www.cloudflare.com

  • Web Software Security Test
    One third-party web software dependancy was identified. It appears to be outdated, but no known vulnerabilities were detected. No Content Management System (CMS) was identified. One CMS component, JS-library or framework was identified: react. Show details.
  • GDPR Compliance Test
    Potential GDPR compliance issues were identified related to Cookie Protection. Show details.
  • PCI DSS Compliance Test
    No obvious PCI DSS compliance issues were detected for Requirements 6.3 and 6.4. Show details.
  • HTTP Headers Security Test
    Issues were identified with key security header missing Content-Security-Policy. An optional HTTP header may not be properly configured: Report-To. Deprecated HTTP headers detected: X-XSS-Protection. Show details.
  • Content Security Policy (CSP) Test
    Content-Security-Policy headers are not present. Show details.
  • Cookies Privacy and Security Test
    6 cookies detected; _cfms_willow, _ga, kndctr_8AD56F28618A50850A495FB6_AdobeOrg_identity have security or privacy-related configuration issues. Show details.
  • External Content Security Test
    161 external requests detected; 5 requests failed. SRI is not used for 26 third-party JavaScript and CSS files. Show details.
  • Protection from Data Scraping Test
    2 User-Agent blocks and 1 bot protection mechanism detected. No protection detected via robots.txt rules or meta restrictions. Additional anti-scraping protection appears to be provided by external infrastructure. Show details.
  • DNSSEC Configuration Test
    2 DNS A records detected; DNSSEC signatures are present and fully validated. Show details.
Please wait. Data is loading...
Share this report: