Complete security analysis of any domain — HTTP response headers, security header audit with A-F grading, SSL/TLS analysis, tech stack detection, and more. Compare two domains side by side.
Security headers are HTTP response headers that tell browsers how to behave when handling your site's content. Missing security headers leave your site vulnerable to XSS, clickjacking, MIME sniffing, and other attacks.
HSTS forces HTTPS connections. CSP prevents code injection by specifying allowed content sources. X-Frame-Options prevents your site from being embedded in iframes (clickjacking). Referrer-Policy controls what URL information is leaked to other sites.
Domain X-Ray is a one-stop domain intelligence platform that performs comprehensive infrastructure reconnaissance on any website. Enter a domain name and receive an instant deep-dive into its DNS records, SSL/TLS certificate chain, HTTP security headers, detected technology stack, and WHOIS registration details — all aggregated into a single, readable report.
Security professionals use Domain X-Ray to audit client infrastructure before engagements, verify that SSL certificates are properly configured, confirm that security headers like Content-Security-Policy and HSTS are in place, and investigate suspicious domains for phishing indicators. The tool compares your domain against industry best practices and assigns a security header grade from A+ to F.
The technology fingerprinting module identifies web servers, CDN providers, JavaScript frameworks, CMS platforms, and analytics tools from response headers and page source. This intelligence is invaluable for competitive analysis, vendor due diligence, and attack surface mapping.