Website security is built from many small building blocks — and each one has its own standards, DNS records or HTTP headers. If you do not need the full security audit but want to check just one aspect, these tools are the fast way.

SSL check

Checks the TLS certificate of a domain: issuer, remaining validity, TLS version, cipher suite, subject alternative names (SAN). Detects expired or soon-to-expire certificates and outdated protocols like TLS 1.0 or 1.1.

DMARC lookup

Checks the e-mail security DNS records of a domain: SPF (which servers may send?), DMARC (what happens to spoofed mail?), DKIM signatures (are mails authentic?) and MX records. Domains without SPF and DMARC can be spoofed for phishing.

HTTP header check

Checks the HTTP response of a website for the six most important security headers: HSTS, Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, Referrer-Policy and Permissions-Policy — the first line of defence against XSS and clickjacking.

DNS lookup

Reads all DNS record types of a domain: A, AAAA, MX, NS, TXT, CNAME, SOA and CAA. Helpful for migrations, debugging e-mail issues or checking if your domain has an IPv6 record.

Need the full audit? The full Webscan Radar security check combines all areas plus GDPR audit, CMS detection, CVE matching and performance measurement in a single report — also free, no account required.