~/tools
> tools
featured
domain dossier — run ten checks on any domain in one go: dns, mx, spf, dmarc, dkim, tls, redirects, headers, cors, and web surface. one page, one shareable link.
network
- user agent — parse your browser's user agent string (browser, os, device, engine).
- what is my ip — your public ip address, location, and timezone.
- http headers — inspect the http request headers your browser sends.
- ip lookup — look up any IP's geolocation, ASN, and ISP (via ipinfo.io).
- dns lookup — resolve A, AAAA, MX, TXT, NS, or CNAME records via Cloudflare DoH.
- dns records lookup — resolve A, AAAA, NS, SOA, CAA, and TXT records for a domain in one go.
- mx lookup — list the mail exchangers (MX records) a domain advertises, sorted by priority.
- spf checker — find and parse a domain's SPF (sender policy framework) record.
- dmarc checker — find and parse a domain's DMARC policy record at _dmarc.<domain>.
- dkim lookup — probe common DKIM selectors (default, google, k1, selector1/2, mxvault) for a domain.
- tls certificate checker — inspect a domain's TLS certificate: subject, issuer, validity, SANs, fingerprint.
- redirect checker — trace the HTTP(S) redirect chain from https://<domain>/ up to 10 hops.
- security headers checker — inspect the response headers served at https://<domain>/ — HSTS, CSP, X-Frame-Options, etc.
- cors checker — run a CORS preflight (OPTIONS) against a domain and surface the access-control-* response headers.
- web surface inspector — fetch robots.txt, sitemap.xml, and the home page's <head> to summarise a domain's public-web surface.
dev
- base64 — encode and decode base64 strings (client-side, unicode-safe).
- json — format and validate JSON. 2 / 4 space or minified output.
- url codec — percent-encode and decode URL components.
- uuid — generate UUIDs (v4 random, v7 time-ordered).
- jwt decoder — decode JWT header and payload client-side. no signature verification.