What We Scan — SSL, Headers, DNSSEC, DMARC & More Explained

The HTTPS group checks whether your website properly encrypts all traffic using SSL/TLS, redirects insecure HTTP requests, and enforces secure connections through browser policies. These are the foundational checks for any secure website.

Valid SSL Certificate: Confirms your site has a properly configured SSL certificate issued by a trusted Certificate Authority (CA), and that it hasn't expired.

HTTPS Redirect: Verifies that HTTP requests are automatically redirected to HTTPS, ensuring all visitors use the encrypted version of your site.

HSTS (HTTP Strict Transport Security): Instructs browsers to only connect via HTTPS in the future, preventing protocol downgrade attacks and cookie hijacking.

TLS Version: Checks which version of TLS your server supports. TLS 1.2 or higher is recommended for optimal security.

Mixed Content: Detects if your HTTPS page loads resources (images, scripts, stylesheets) over insecure HTTP, which compromises the security of the entire page.

Learn more: What is SSL?

The Web Application group evaluates security headers, cookie configurations, and browser-enforced protections that defend your users against common web-based attacks like XSS, clickjacking, and session hijacking.

Content Security Policy (CSP): Prevents XSS and data injection attacks by specifying which content sources the browser should trust. A strong CSP significantly reduces the risk of malicious script execution.

Clickjacking Protection (X-Frame-Options): Prevents your site from being embedded in iframes on malicious domains, protecting users from being tricked into clicking hidden elements.

Cookie Security: Checks that cookies use the Secure flag (HTTPS-only transmission) and HttpOnly flag (no JavaScript access), preventing session hijacking and cross-site scripting attacks.

Security Headers Score: An overall score based on the presence of X-XSS-Protection, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy headers. Higher scores indicate better protection against common web vulnerabilities.

Learn more: OWASP Secure Headers Project

InternetSecure Uptime Monitoring continuously checks your websites and services from multiple geographic locations to ensure they are online and responding correctly. When downtime is detected, you are alerted immediately via your configured notification channels (Slack, Email, or JIRA) so you can respond quickly and minimise impact.

Checks run at regular intervals from five independent monitoring nodes. A consensus-based approach is used to avoid false positives — multiple nodes must agree that a service is down before an alert is triggered.

To get started, visit your Uptime Dashboard to add domains and configure alerting.

IP Whitelist

If your server uses a firewall or WAF that may block automated requests, please whitelist the following IP addresses to ensure uninterrupted monitoring:

45.77.71.241 107.191.48.117 108.61.174.176 66.42.33.226 64.176.3.66 139.84.226.210

Cloudflare WAF

Log in to the Cloudflare Dashboard and select your domain
Go to Security → WAF → Custom rules
Click Create rule
Set the rule name to Allow InternetSecure Monitoringclick to copy
Under If incoming requests match…, select IP Source Address → is in list, or use the expression:

(ip.src eq 45.77.71.241) or (ip.src eq 107.191.48.117) or (ip.src eq 108.61.174.176) or (ip.src eq 66.42.33.226) or (ip.src eq 64.176.3.66) or (ip.src eq 139.84.226.210) click to copy
Set the action to Skip → check All remaining custom rules
Click Deploy

Alternatively, add the IPs to a Cloudflare IP Access Rule under Security → Tools with action "Allow".

AWS WAF

Open the AWS WAF console and select your Web ACL
Go to IP sets in the left sidebar and click Create IP set
Name it InternetSecure-Monitoringclick to copy and add the following CIDRs:

45.77.71.241/32 107.191.48.117/32 108.61.174.176/32 66.42.33.226/32 64.176.3.66/32 139.84.226.210/32 click to copy
Go back to your Web ACL → Rules and click Add rules → Add my own rules
Select IP set, choose the set you created, and set action to Allow
Set the rule priority so it evaluates before any block rules
Click Save

Support Tickets

Create a support ticket and get a detailed response from our security experts. Free or Paid account required.

Response within 24-48 hours

Detailed security guidance

Track ticket status online

Create Support Ticket

Live Chat

Get instant help from our support team through live chat. Exclusive for Premium members.

Instant responses

Real-time problem solving

Available during business hours

Premium members: Look for the livechat inside an open support ticket

Understanding Our Security Checks

Support Tickets

Live Chat