Safe external review, read-only
See what attackers can already see about your domain
Run a safe, read-only external check of your DNS, TLS, email authentication, security headers, and exposed services. No login. No passwords. Private report by email.
Public configuration only · No intrusive testing · No form submission · No password testing
We verify email before scanning to reduce abuse and to send the private report only to a confirmed inbox.
What you receive
Plain-language risk summary
What matters first, without raw scanner noise.
Prioritized fixes
The top actions ordered by likely security impact.
Public exposure map
Domains, certificates, mail authentication, headers, and visible services.
Safe-by-design scope
No login, no password testing, no exploit attempts.
Safe by design
We do
- Read public DNS records
- Check TLS certificate and configuration
- Review email authentication records
- Check common HTTP security headers
- Identify publicly visible services
We do not
- Attempt login
- Test passwords
- Submit forms
- Modify or delete anything
- Run exploit attempts
Who this is for
Who this is for
- Domain owners who want a first external security review.
- Small IT teams preparing a cleanup plan.
- Founders who want to know what is publicly visible before customers or attackers do.
Not a substitute for
- Proving full compliance.
- A penetration test.
- Finding bugs behind a login.
- Validating source code or internal networks.
How it works
- You submit a domain and email address.
- You click the confirmation link in your inbox.
- We run the scan and email the report to you.