The giant Cloudflare has launched a completely free online tool that will allow us to quickly know if a domain is legitimate, or if, on the contrary, it is a domain designed specifically for phishing. Cloudflare Radar URL Scanner will allow us to obtain a large amount of technical details about any domain, it will inform us about SSL/TLS certificates, HTTP request and response data, as well as page performance, DNS records, as well as cookies and much more information. Do you want to know all the information that this new tool provides us?
Cloudflare Radar URL Scanner Features
This completely free online tool is available to anyone who wants to receive a complete report on a domain in question. Simply by entering the domain name, the tool will take care of scanning it in approximately 20 seconds, and it will provide us with a large amount of information about it. For example, some interesting information that you will provide us with is:
- If the domain is phishing to steal user credentials or for other scams.
- If there is a CSP (Content Security Policy) configured to avoid or mitigate possible XSS attacks suffered by websites.
- Data of the SSL/TLS certificate that you have configured.
- HTTP requests and also what HTTP responses we get.
- Website performance data.
- Complete DNS records that we have configured on the web.
- If you have cookies configured to be secure and as HttpOnly.
- What technologies and libraries the website uses.
One aspect that we did not like is that all reports are publicly accessible. If you have a domain that is in “testing” and you do not have it correctly configured, or if you have a subdomain that you do not want to make known, if you analyze it with this tool it will appear in the list of recent scanners and you will not be able to do anything to avoid it. Other similar tools such as Qualys to analyze the SSL/TLS of websites, allow us to scan in “incognito” mode without leaving a trace in the list of last analyzes.
The first thing we must do is enter the official website of Cloudflare Radar URL Scanneronce we are here, we simply have to enter the domain that we want to analyze in detail, and click on the button «scan«.
We have analyzed the domain of Caixabank.es, one of the main banks in Spain. In the “menu”Summary» We can see a summary of everything that it has been able to analyze, such as the domain name, the category where it is located and also the ranking of the most visited domains. We can also see a preview of the main website, and also if it is a phishing website and if it has CSP headers as mentioned above.
In the section of “Safety» we can see in more detail all the information about this, we can see if this website is Phishing, if it has CSP and also all the SSL/TLS certificates that are available.
In the section of “cookies» We can see all the cookies that we have available, in addition, it will also inform us if they are secure cookies or not, as well as if they are http only. In this way, we can have a global vision of how cookies work on this website.
In the “menu”Technology» we can see if they use some kind of CDN, the fact is that they have both Cloudflare and Amazon Cloudfront. In addition, it also uses other technologies related to the customer data platform, as well as the frameworks they use on the web.
In the section of “networks» We can see all the GET methods that it has carried out to enter the official website, and the HTTP status that it returns. For example, if we try to make a request to the main domain, it will return an HTTP 301 to redirect us to another website.
At the bottom we can also see the status of the DNS, both the type, name and its content. Finally, it tells us if it is protected with DNSSEC or not.
In the DOM section we can see all the links on the web, both internal and external.
And even the raw HTML code of the main web.
Finally, it will inform us about the performance of the web, to know if it is a fast or slow web.
As you can see, we have the time in ms for each of the tests he has performed.
Thanks to this new Cloudflare Radar tool we will be able to analyze any domain easily and quickly, and it will not only inform us about cookies or domains, but also about their performance.