All tools
/ audit · 05

Domain Inspector

DNS, WHOIS, HTTP redirects, TLS certificate and email security (SPF / DMARC / MTA-STS) of a domain — resolved live.

Lookup

// Enter a domain to run the lookup.

Coverage

  • A / AAAA — IPv4 / IPv6
  • MX — mail servers, priority
  • TXT — SPF, DKIM, DMARC, verifications
  • NS — domain nameservers
  • CNAME / SOA — aliases, start of authority
  • CAA — certificate authorities (if supported)
  • whois — registrar, dates, status, nameservers
  • TLS — subject, issuer, validity, SAN, days remaining
  • email — SPF, DMARC, MTA-STS detected via DNS TXT
  • redirects — http/https + www follow, up to 10 hops
  • DNSSEC — DS, DNSKEY, AD flag (Cloudflare DoH)
  • PTR / GeoIP / ASN — PTR, country, ASN, hosting
  • SPF / DMARC / DKIM — SPF policy, DMARC parsing, DKIM probing
  • MTA-STS / TLS-RPT / BIMI — MTA-STS HTTPS policy, TLS-RPT reports, BIMI logo
  • Supported TLS versions — TLS 1.0/1.1/1.2/1.3 supported
  • HTTPS RR / SVCB / TLSA — modern DNS records
  • MX health — MX resolution, MX-as-CNAME detection
  • External ownership verifications — ownership verifications (Google, M365, Facebook…)
  • Discovered subdomains — exposed common subdomains
  • Recommendations — prioritized by impact