Skip to main content
dnsverifier.com

About dnsverifier.com

A free, no-sign-up suite of web and DNS diagnostic tools for engineers, security researchers, and operators.

What this is

dnsverifier.com bundles the tools you reach for during an outage, an audit, or a deploy into a single page. Every check runs server-side and streams results live as they arrive — no waiting for a full report, no client-side network limits.

The toolkit covers eight diagnostic surfaces today:

  • TLS Grader — SSL Labs-style A+ to F grading, including raw-TCP probes for Heartbleed and TLS-extension intolerance.
  • HTTP Headers Checker — Security-header scoring, CSP / cookie / cache analysis, server-config fix snippets for nginx, Caddy, Cloudflare, and Apache.
  • DNS Lookup — Every record type across multiple resolvers, with a mismatch matrix, DNSSEC trust-chain validation, glue audit, and subdomain enumeration.
  • DNS Propagation Checker — 85 public resolvers across 60+ countries with a world-map view.
  • Email Records — SPF (with full include-tree expansion), DKIM (with key inspection), DMARC, MTA-STS, TLS-RPT, BIMI, live SMTP probe, and DNSBL scan.
  • WHOIS / RDAP Lookup — EPP status decoder, DNSSEC + nameserver health, registration timeline, snapshot-diff.
  • Subdomain Finder — Passive enumeration via Certificate Transparency, the Wayback Machine, and DNS bruteforce, with subdomain-takeover risk flags.
  • Port Scanner — TCP-connect scan across 136 well-known ports with banner-grab and TLS handshake.

How it works

Every tool is a Next.js streaming endpoint running on Vercel's Node.js runtime. Results stream live as newline-delimited JSON so you see findings the moment they're observed rather than waiting for a final report. The frontend never proxies through a third-party API; the only outbound calls are to public resolvers, RDAP/WHOIS servers, Certificate Transparency logs, and the host you're testing.

What we don't do

  • No accounts. No sign-up. No paywall.
  • No advertising, no ad-personalization. Google Analytics 4 is used for aggregate measurement only — see the Privacy Policy for the cookies it sets and how to opt out.
  • No persistence of your tool queries server-side — only standard request logs the hosting provider keeps.
  • No use as a proxy for unauthorized scanning — private, loopback, link-local, and cloud-metadata addresses are blocked at the API.

Acceptable use

The scanning tools are dual-use. Run them against systems you own or are authorized to test. The Acceptable Use Policy spells out the full rules.

Contact

General: hello@dnsverifier.com · Abuse: abuse@dnsverifier.com · Privacy: privacy@dnsverifier.com