What is the security status of cbp.gov?

cbp.gov has a security score of 56/100, rated as Moderate Risk. The website may have security concerns that should be addressed.

Is cbp.gov safe to use?

Our security scan shows cbp.gov is Moderate Risk. SSL security issues detected. Always practice safe browsing habits.

Does cbp.gov have viruses?

Our comprehensive security scan analyzes multiple security factors. Based on the overall security score of 56/100, the website is rated as Moderate Risk. However, websites can change over time, so always use updated security software.

What is cbp.gov's trust score?

cbp.gov has a security score of 56/100. This score is based on multiple factors including SSL security, security headers, DNS health, and compliance checks.

Is cbp.gov Safe? Security Analysis for Access Denied

https://cbp.gov

Check if cbp.gov is a scam or legitimate. Free security scan and reviews.

GovernmentN/alarge

Analyzed 9/4/2025Completed 10:13:49 PM

Security Score

MEDIUM RISK

AI Summary

The domain cbp.gov is a long-established government website registered since 2003, likely representing U.S. Customs and Border Protection or a related government entity. The domain is hosted behind Akamai's DNS and CDN services, indicating a robust technical infrastructure. However, the website content is currently inaccessible due to a Web Application Firewall or security mechanism, presenting an Access Denied error page. This blocking prevents any direct analysis of website content, metadata, or business information. Security posture cannot be fully assessed due to lack of accessible data, but the use of Akamai and a reputable registrar suggests a baseline of security. Privacy policies, contact information, and other compliance indicators are not visible, limiting the ability to evaluate GDPR or other regulatory compliance. Overall, the site appears legitimate but inaccessible for detailed analysis.

🧠AI Business Intelligence

Technology stack, business insights, and market analysis powered by AI.

Business Intelligence

Market & Strategic Analysis

Given the domain and WHOIS data, the website belongs to a government entity, likely involved in customs and border protection services. The domain age and hosting provider support a stable and authoritative presence. No business or marketing content is accessible to analyze market positioning, revenue streams, or partnerships. The lack of accessible content limits insights into customer segments or growth indicators. The domain's privacy protection is justified for a government site. No related or partner domains were identified from the limited data.

Security Posture Analysis

Comprehensive Security Assessment

The security posture assessment is limited by the blocked content. The domain uses Akamai DNS servers, which provide CDN and security services, indicating a strong infrastructure. However, no security headers or SSL configuration details were available. The presence of a WAF or security blocking mechanism is confirmed by the Access Denied page, which enhances protection but also limits transparency. No vulnerability disclosures, incident response contacts, or security policies are visible. Recommendations include enabling DNSSEC, publishing security policies, and ensuring accessible security headers.

Strategic Recommendations

Priority Actions for Security Improvement

Enable DNSSEC to enhance domain name system security.

✨Observations

AI-powered comprehensive website and business analysis.

AI-Enhanced Website Analysis

Generic Detected

Access Denied page with minimal HTML content and reference to edgesuite.net error page indicates WAF or security blocking.

Analysis results may be incomplete. For accurate analysis, please contact guard@offseq.com

Business Insights

Content Quality:

poor

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Design Quality:poor

User Experience:poor

Content Relevance:poor

Navigation Clarity:poor

Professionalism:poor

Trustworthiness:low

Key Observations

Website content is inaccessible due to WAF or security restrictions.

🛡️Security Headers

HTTP security headers analysis and recommendations.

Security Headers

HTTP security headers analysis

30/100

Score

Missing X-Frame-Options header

HIGH

Prevents clickjacking attacks

Missing X-Content-Type-Options header

MEDIUM

Prevents MIME type sniffing

📧Email Security

SPF, DKIM, and DMARC validation and email security assessment.

Email Security

SPF, DKIM, and DMARC validation

70/100

Score

No DKIM record found

MEDIUM

DKIM adds cryptographic signatures to emails

No BIMI Record

LOW

BIMI displays brand logos in email clients

No MTA-STS Policy

MEDIUM

MTA-STS enforces TLS for email delivery

No TLS-RPT Record

LOW

TLS-RPT provides reporting for email TLS issues

SPF

Sender Policy Framework

DKIM

DomainKeys Identified Mail

DMARC

Domain-based Message Authentication

MX Records

Mail Exchange Records

BIMI

Brand Indicators

MTA-STS

Mail Transfer Agent Security

TLS-RPT

TLS Reporting

DNSSEC

DNS Security

SPF Details

Record:

v=spf1 -all

DNS Lookups:0/10

Policy:-all

DMARC Details

Policy:reject

🏆SSL/TLS Security

Certificate validity and encryption analysis.

SSL/TLS Security

Certificate validity and encryption analysis

80/100

Score

Weak SSL Key Length

HIGH

SSL certificate uses 256-bit key, which is considered weak

Partial SSL/TLS Assessment

LOW

Completed 2 of 4 security checks due to time constraints

Certificate Details

Subject:www3.dhs.gov

Issuer:DigiCert Global G3 TLS ECC SHA384 2020 CA1

Valid Until:4/9/2026 (217 days)

SANs:www3.dhs.gov, ace-d3.cbp.gov, ace-d6.cbp.gov +64 more

OCSP Status

OCSP Stapling Disabled

📊DNS Health

DNS configuration and security assessment.

DNS Health

DNS configuration and security assessment

80/100

Score

DNSSEC Not Enabled

MEDIUM

DNSSEC is not configured for this domain

CAA Records Not Configured

LOW

Certificate Authority Authorization (CAA) records not found

Domain Delete Lock Not Enabled

LOW

Domain can be deleted without additional verification

Domain Registration Details

Domain Age

22 years(mature)

Expiry Risk

low(361 days)

Protection Level

basicDNSSEC OFF

Suspicious Indicators Detected

•Privacy/proxy registration detected

DNS Records

A Records:104.70.87.131

AAAA Records:2a02:26f0:480:5af::447a, 2a02:26f0:480:58c::447a

Name Servers:

a1-91.akam.net

a16-67.akam.net

a22-66.akam.net

a7-64.akam.net

a8-65.akam.net

a9-66.akam.net

DNSSEC Status

DNSSEC Not Enabled

⚡Network Security

Port scanning and network exposure analysis.

Network Security

Port scanning and network exposure analysis

100/100

Score

Good Network Security Posture

LOW

No unnecessary services detected on common risky ports

🔧Technical Analysis

Detailed technical findings and analysis from AI assessment.

Technical Analysis

Comprehensive security assessment findings

Additional Findings

The domain is hosted using Akamai's DNS infrastructure, a leading CDN and security provider, which suggests a modern and resilient technical setup. However, no CMS, frameworks, or analytics technologies could be detected due to the blocked content. The website returns an Access Denied page with minimal HTML, indicating a WAF or security challenge is active. No metadata, structured data, or scripts are present in the accessible content. Performance, mobile optimization, SEO, and accessibility cannot be evaluated. The domain registration is consistent with a government entity, with privacy protection enabled and a long registration period.

Analyze Another Website

Is cbp.gov a Scam? Security Check Results - cbp.gov Reviews

Is cbp.gov Safe? Security Analysis for Access Denied

AI Summary

🧠AI Business Intelligence

Business Intelligence

Security Posture Analysis

Strategic Recommendations

✨Observations

AI-Enhanced Website Analysis

Generic Detected

Business Insights

Technical Stack

Security Assessment

Analytics & Tracking

Advertising & Marketing

Website Quality Assessment

Key Observations

🛡️Security Headers

Security Headers

Missing X-Frame-Options header

Missing X-Content-Type-Options header

Missing Content-Security-Policy header

Missing X-XSS-Protection header

Missing Referrer-Policy header

Missing Permissions-Policy header

Sensitive data may be cached

👤GDPR Compliance

GDPR Compliance

No Privacy Policy found

No Cookie Policy found

No Cookie Consent Banner found

GDPR Compliance Analysis

🛡️NIS2 Compliance

NIS2 Compliance

No information security framework found

No vulnerability disclosure policy

No security policy documentation found

No incident response procedures found

No business continuity planning found

No security contact information

No vulnerability reporting mechanism

No NIS2 reference found

📧Email Security

Email Security

No DKIM record found

No BIMI Record

No MTA-STS Policy

No TLS-RPT Record

SPF Details

DMARC Details

🏆SSL/TLS Security

SSL/TLS Security

Weak SSL Key Length

Partial SSL/TLS Assessment

Certificate Details

OCSP Status

📊DNS Health

DNS Health

DNSSEC Not Enabled

CAA Records Not Configured

Domain Delete Lock Not Enabled

Domain Registration Details

DNS Records

DNSSEC Status

⚡Network Security

Network Security

Good Network Security Posture

🔧Technical Analysis

Technical Analysis

Additional Findings