// Domain Health · DNS · Email · SSL · WHOIS

Everything about one domain, on one page.

Enter a domain. We orchestrate our own checkers — DNS records, SPF / DKIM / DMARC, DNSSEC, SSL/TLS certificate, WHOIS — concurrently, with per-source attribution. Each section degrades gracefully if any one source is slow or unavailable.

Please enter a valid domain name (e.g. example.com).

[ 01 ] — What you get

Six signals, one screen.

DNS records

A, AAAA, MX, NS, TXT, SOA — the records that say where the domain lives, who handles its mail, and which servers are authoritative.

Email authentication

SPF presence + validity, DKIM (auto-probes common selectors when none is known — no false "not found"), DMARC policy + reporting address.

DNSSEC

Whether the chain of trust is intact — DS at the parent, DNSKEY at the domain, AD bit from Cloudflare DoH for headline status.

SSL / TLS certificate

Issuer, validity dates, expiry countdown, and SAN coverage — surfaced from the SSL inspector.

WHOIS

Registrar, creation and expiry dates, domain age, and authoritative nameservers — RDAP-first with legacy fallback.

Honest per-section status

Each section labeled with its own status (OK / warning / fail / unavailable). No opaque single "health score" — when something can't be checked, the section says so.

Every check reuses an existing tool's endpoint, so the same caching, upstream caps, and origin guards protect this page automatically. For a single deep-dive on any section, use the linked tool directly.