Home/Domain X-Ray

🌐 Domain X-Ray

Complete security analysis of any domain — HTTP response headers, security header audit with A-F grading, SSL/TLS analysis, tech stack detection, and more. Compare two domains side by side.

Understanding Security Headers

Security headers are HTTP response headers that tell browsers how to behave when handling your site's content. Missing security headers leave your site vulnerable to XSS, clickjacking, MIME sniffing, and other attacks.

Key Headers Explained

HSTS forces HTTPS connections. CSP prevents code injection by specifying allowed content sources. X-Frame-Options prevents your site from being embedded in iframes (clickjacking). Referrer-Policy controls what URL information is leaked to other sites.

Complete DNS, SSL, and Security Infrastructure Analysis for Any Domain

Domain X-Ray is a one-stop domain intelligence platform that performs comprehensive infrastructure reconnaissance on any website. Enter a domain name and receive an instant deep-dive into its DNS records, SSL/TLS certificate chain, HTTP security headers, detected technology stack, and WHOIS registration details — all aggregated into a single, readable report.

Security professionals use Domain X-Ray to audit client infrastructure before engagements, verify that SSL certificates are properly configured, confirm that security headers like Content-Security-Policy and HSTS are in place, and investigate suspicious domains for phishing indicators. The tool compares your domain against industry best practices and assigns a security header grade from A+ to F.

The technology fingerprinting module identifies web servers, CDN providers, JavaScript frameworks, CMS platforms, and analytics tools from response headers and page source. This intelligence is invaluable for competitive analysis, vendor due diligence, and attack surface mapping.

How to Use

  1. 1Enter a domain name (e.g., example.com) in the input field — no https:// needed.
  2. 2Click "X-Ray Domain" and the analysis begins across all modules simultaneously.
  3. 3Review DNS records: check A, AAAA, MX, TXT, NS, CNAME, and SPF records.
  4. 4Examine the SSL certificate: issuer, expiry date, cipher suite, and chain validity.
  5. 5Check the Security Headers grade and expand each header for remediation advice.
  6. 6Use Compare Mode to audit two domains side-by-side.

🎯 Who Uses This

  • Security engineers auditing their organization's public-facing infrastructure
  • DevOps teams verifying DNS propagation after migrations
  • Penetration testers performing passive reconnaissance during engagements
  • Domain buyers verifying infrastructure health before acquisition
  • IT administrators confirming email authentication (SPF, DKIM, DMARC) setup
  • Journalists investigating potentially malicious or spoofed domains

Frequently Asked Questions

Q: Does this tool perform active scanning that could be detected?
Domain X-Ray makes standard DNS queries and HTTP HEAD requests — the same type made by any browser visiting the site. These are passive and undetectable to the target. No port scanning, vulnerability probing, or invasive techniques are used.
Q: What is a security header grade?
Security headers are HTTP response headers that instruct browsers how to handle your site's content. Headers like Content-Security-Policy, X-Frame-Options, HSTS, and Permissions-Policy protect against XSS, clickjacking, and protocol downgrade attacks. We grade presence and configuration of all major headers.
Q: How current is the WHOIS data?
WHOIS data is retrieved live at the time of your query from the authoritative WHOIS servers for each TLD. Results reflect the current registration status and may differ from cached third-party WHOIS services.