Four read-only checkers that probe a hostname from our infrastructure and give you the raw answer with no marketing in between. Use them to debug a site that's misbehaving for some users, audit your TLS certificate before it expires, or inspect what a CDN is actually sending back.
Open a real handshake on port 443 and read the peer certificate. Reports issuer, validity window, hostname coverage (SAN), signature algorithm, and chain depth.
Resolve A / AAAA / CNAME / MX / NS / TXT / SOA records using the system resolver, with a per-record-type timeout. Shows what every public resolver should see — useful when sites work for some users but not others.
Walk every Location header from an HTTP request through up to 10 hops. Surfaces scheme downgrades, cookie-drop loops, and CDN-driven redirect chains that hurt SEO and tank page-speed scores.
Capture every response header from an HTTP(S) request and grade the security headers (CSP, HSTS, X-Frame-Options, Permissions-Policy) A through F. Plain English on what's missing and why it matters.