Domain Info & Health Check
Domain
DNS
Web
Security
What does Domain Explorer do?
Domain Explorer provides general and security information about a domain. Just enter the domain name and press the Free Scan button. It provides the following information:
1. Domain WHOIS
WHOIS information includes details about the domain registration such as the registrar, registration date, expiration date, and contact information for the domain owner. This data helps identify who owns the domain and the associated administrative and technical contacts.
2. Server Info
Server information provides details about the web server hosting the domain. This can include the server’s IP address, hosting provider, geographical location etc.
3. Nameservers
Nameservers are part of the domain’s DNS settings and direct traffic to the correct IP addresses. The tool lists the nameservers associated with the domain, which is crucial for domain name resolution.
The tool also checks if the nameserver supports DNS-over-HTTPS.
4. DNS Records
DNS records are a set of instructions that store information about the domain and are stored on DNS servers. They include various record types such as:
- A Record: Maps a domain to an IPv4 address.
- AAAA Record: Maps the domain to an IPv6 address.
- MX Record: Directs email to an email server.
- CNAME Record: Alias from one name to another.
- TXT Records: Textual information, often used for SPF records and domain verification.
5. Email Configurations
This includes records and settings related to email services such as MX records, SPF, DKIM, and DMARC configurations, which help in authenticating email and preventing spoofing and phishing. For more detailed email configurations checkup, please use our email tool.
6. Website Blacklists
Checks if the domain or associated IP addresses are listed on any blacklists that indicate malicious activity. This is important for maintaining a good reputation and avoiding being flagged by security services.
7. Email Blacklists
Similar to website blacklists, this checks if the domain’s email servers are listed on blacklists, which can affect email deliverability and domain reputation.
8. SSL Certificate
Provides details about the SSL certificate used by the domain, including the issuer, validity period, and encryption strength. SSL certificates are crucial for securing data transferred between the user and the server.
9. HTTP Headers
HTTP headers provide metadata about the website’s responses. This includes information such as content type, server type, caching policies, and security policies.
10. HTTP Security
Evaluates the security of the HTTP headers, checking for implementations of security measures like Content Security Policy (CSP), HTTP Strict Transport Security (HSTS), and X-Content-Type-Options.
11. Firewall
Information about any firewall settings or protection measures in place to secure the domain from unauthorized access and attacks.
12. TLS Cipher Suites
Details about the Transport Layer Security (TLS) cipher suites supported by the server. This is critical for securing communications and ensuring the integrity and confidentiality of data.
13. DNSSEC
DNS Security Extensions (DNSSEC) add an extra layer of security to the DNS lookup process, ensuring that the responses to DNS queries are authentic and have not been tampered with.
14. Open Ports
Lists open network ports on the server. This is important for identifying potential security vulnerabilities and ensuring that only necessary services are exposed to the internet.
The following ports are checked:
Port Number | Service Name | Description |
20 | FTP Data |
Used for data transfer in File Transfer Protocol (FTP).
|
21 | FTP |
Control channel for File Transfer Protocol (FTP).
|
22 | SSH |
Secure Shell for secure login and remote management.
|
23 | Telnet |
Unencrypted remote login protocol (not recommended due to security risks).
|
25 | SMTP |
Simple Mail Transfer Protocol for sending emails.
|
53 | DNS |
Domain Name System for resolving domain names to IP addresses.
|
67 | DHCP (Server) |
Dynamic Host Configuration Protocol server for assigning IP addresses.
|
68 | DHCP (Client) |
Dynamic Host Configuration Protocol client for requesting IP addresses.
|
69 | TFTP |
Trivial File Transfer Protocol for simple file transfers.
|
80 | HTTP |
Hypertext Transfer Protocol, the foundation of web communication.
|
110 | POP3 |
Post Office Protocol 3 for retrieving emails.
|
119 | NNTP |
Network News Transfer Protocol for accessing newsgroups.
|
123 | NTP |
Network Time Protocol for synchronizing system clocks.
|
143 | IMAP |
Internet Message Access Protocol for accessing and managing emails.
|
156 | SQL Service |
Default port for Microsoft SQL Server communication.
|
161 | SNMP |
Simple Network Management Protocol for network device management.
|
162 | SNMP Trap |
Used by SNMP for sending event notifications.
|
179 | BGP |
Border Gateway Protocol for routing information exchange between networks.
|
194 | IRC |
Internet Relay Chat for communication through chat channels.
|
389 | LDAP |
Lightweight Directory Access Protocol for accessing directory information.
|
443 | HTTPS |
Secure Hypertext Transfer Protocol, the secure version of HTTP.
|
465 | SMTP (SSL) |
Secure Simple Mail Transfer Protocol using SSL encryption.
|
587 | SMTP (TLS) |
Secure Simple Mail Transfer Protocol using TLS encryption.
|
993 | IMAP (SSL) |
Secure Internet Message Access Protocol using SSL encryption.
|
995 | POP3 (SSL) |
Secure Post Office Protocol 3 using SSL encryption.
|
3000-3305 | Custom |
Often used for various web applications or services.
|
3306 | MySQL |
Default port for the MySQL database server.
|
3389 | RDP |
Remote Desktop Protocol for remote access to graphical desktops.
|
5060 | SIP |
Session Initiation Protocol for VoIP (Voice over IP) communication.
|
5900 | VNC |
Virtual Network Computing for remote graphical desktop access.
|
8000-8887 | Custom |
Often used for various web applications or services.
|
8080 | HTTP Proxy |
Commonly used port for web proxy servers.
|
8884 | HTTPS Proxy |
Commonly used port for web proxy servers.
|
15. Security.Txt
The security.txt file contains contact information for security researchers to report vulnerabilities. This file helps improve the security of the domain by providing a clear point of contact.
16. Robots.Txt
The robots.txt file provides directives to search engine crawlers about which parts of the site can be crawled and indexed. This is important for SEO and controlling search engine behavior.
17. Archive History
Shows historical snapshots of the website as stored in web archives like the Wayback Machine. This can be useful for understanding the website’s changes over time.
18. Google Cache
Provides information about the most recent cached version of the website by Google, useful for seeing the latest version indexed by the search engine.
How do I use Domain Explorer?
Domain Explorer is designed to provide you with comprehensive insights into any domain. It’s very easy to use.
Here’s a step-by-step guide on how the tool works:
-
Enter the Domain Name
- Simply input the domain name you wish to analyze in the provided search bar. This can be any valid domain name such as itechtics.com. Our tool also works with sub-domains.
-
Initiate the Scan
- Click on the “Free Scan” button to start the analysis. Domain Explorer will begin fetching a wide range of information related to the domain.
-
Data Collection and Analysis
- The tool will take a few seconds to collect all the information about the domain.
-
Domain Security Score
We have a domain security scoring system which takes the following information into account:
- SSL Certificate: The domain must have an SSL certificate installed to ensure encrypted communication.
- HTTP Security Headers: All critical HTTP security headers (CSP, HSTS, X-Content-Type-Options, etc.) must be configured properly.
- Firewall: A firewall should be installed and operational to protect against unauthorized access.
- DNSSEC: DNS Security Extensions should be supported by the DNS server to protect against DNS spoofing and related attacks.
- Security.Txt: A security.txt file should be deployed to provide a point of contact for security researchers to report vulnerabilities.
- Blacklist Status: The domain must not be listed on any DNS or email blacklists to maintain a good reputation and ensure email deliverability.
-
Review the Results
- Once the scan is complete, the tool will display the results in an organized, easy-to-understand format. You can review each section to gain insights into different aspects of the domain.
-
Protect and Optimize
- Use the insights gained from the tool to enhance your domain’s security, optimize configurations, and ensure compliance with best practices. Address any vulnerabilities or issues highlighted by the tool to protect your domain effectively.
Domain Explorer simplifies the process of domain analysis, providing you with all the necessary information to discover, analyze, and protect your domain comprehensively. DNS security scores help you quickly understand the overall security posture of your domain and identify areas for improvement.
What is the Domain Security Score?
Domain Security Score is a measure of the overall security status of your domain. It considers several factors such as SSL certificate installation, HTTP security headers, firewall status, DNSSEC support, deployment of security.txt, and blacklist status.
How can I improve my Domain Security Score?
You can improve your DNS Security Score by:
- Installing and maintaining an SSL certificate
- Configuring all necessary HTTP security headers
- Ensuring a web application firewall is in place and operational
- Implementing DNSSEC for your domain
- Deploying a security.txt file
- Regularly monitoring and addressing blacklist status
How often should I use Domain Explorer?
The Domain Explorer tool is completely free to use. There is no limitation (until the server breaks due to overload :-] ). You can use it as much as you can.
There are two types of usage of the Domain Explorer tool:
- Extract information about a domain
- Analyze the security status of a domain
It is recommended to use Domain Explorer regularly for analyzing the security, especially after making changes to your domain’s configuration, or if you notice any unusual activity. Regular checks help ensure your domain remains secure and optimized.
Can I export the results from Domain Explorer?
While you can copy the report link and share it with anyone you want, Domain Explorer displays results in an easy-to-understand format on the web. Export option may be available in future updates.
Can the Domain Health Check tool help me identify issues with my Active Directory health?
No. Our domain checker tool only provides information about public domains. For Active Directory domains, you may run tools like dcdiag on your Domain Controller to check for any issues with AD Domain.
How can I check the health of my web server using the Domain Health Check tool?
Our Domain Health Check tool can also analyze the health of your web server by examining security headers, SSL certificate status, and other relevant parameters to ensure your website is secure and functioning properly. Make sure your domain security score is 70+.
Is it possible to check for email domain health using the Domain Health Check tool?
Although it is possible to check and analyze your domain email configuration and deliverability issues, we strongly recommend using our Email Domain Health Checker tool for detailed analysis of your domain email configuration.
Your feedback is highly appreciated and motivate us for continuous improvements in our tools