Is your domain properly secured?
Enter any domain name to instantly verify its DNSSEC chain of trust, mail security configuration, and TLS certificate health — all from a single place, with no account required.
Check a domain →DNSSEC Validation
Validates the full chain of trust from the DNS root all the way
down to your domain, using live authoritative name servers.
Detects broken signatures, missing DS records, and expiring RRSIGs.
DNSKEY
DS
RRSIG
Chain depth
Mail Security
Checks every layer of email authentication and delivery security,
so you know whether your domain is protected against spoofing
and phishing.
MX
SPF
DKIM
DMARC
DANE
MTA-STS
BIMI
TLS Certificate
Inspects the live TLS certificate and the full certificate chain,
negotiated protocol version, cipher suite, HSTS header, and
CAA DNS records.
Leaf cert
Chain
TLS version
CAA
HSTS
How it works
1
Enter a domain
Type any domain name — e.g.
example.com
2
Run the checks
All three checks run in parallel against live DNS and TLS endpoints
3
Read the results
Each finding is colour-coded — green is good, yellow needs attention, red requires action
🛡️ All checks run directly from this server against authoritative DNS and live TLS endpoints.
No external services, no API keys, and no data is stored or logged beyond the current request.