About & Resources

Resolves the target domain to its underlying IP addresses and performs geolocation lookups. Identifies the Hosting Provider, ASN, and geographic location to help spot anomalies.

Source: ip-api.com

Visualizes geolocation intelligence interactively. Displays the resolved physical location of an IP address or domain on real-world map tiles using Leaflet.

Source: OpenStreetMap

Fetches common DNS records like A, MX (Mail Exchange), NS (Name Servers), and TXT records (used for SPF/DMARC verifications) directly over DNS-over-HTTPS.

Source: Cloudflare DoH

Queries Certificate Transparency (CT) logs to find other subdomains that have had SSL certificates issued for them. This is a passive reconnaissance technique.

Source: crt.sh

Opens a raw TLS socket to fetch the server's certificate. We check the issuer, validity period, expires date, and subject alternative names.

Source: Direct TCP/TLS Socket

Sends an HTTP HEAD request to observe response headers such as Content-Security-Policy, Strict-Transport-Security, and checks for server leakages (X-Powered-By).

Source: HTTP Response

Uses the Registration Data Access Protocol (the modern alternative to WHOIS) to find who registered the domain, registration dates, and abuse contact information.

Source: rdap.org API

Performs a quick, non-intrusive HTTP check against common paths to identify exposed administrator panels, `.env` files, `.git` configs, and backups.

Source: HTTP Probing

Looks up the OUI (Organizationally Unique Identifier) of a MAC address to determine the hardware manufacturer of a network interface card.

Source: maclookup.app