WHOIS & Registration
Registrar, registrant dates, nameservers, status flags, and abuse contacts — queried live from the authoritative registry.
Paste any domain and FatDig pulls together everything you need to know — ownership, configuration, performance, and security — in a single click.
Registrar, registrant dates, nameservers, status flags, and abuse contacts — queried live from the authoritative registry.
A, AAAA, MX, NS, TXT, CNAME, SOA records. Plus probes for common subdomains so you spot mail and admin endpoints fast.
Certificate issuer, SANs, validity window, signature type, plus the full HTTP and HTTPS response headers for the host.
Google PageSpeed Insights score, Core Web Vitals, and the highest-impact opportunities to improve load time and UX.
Any hostname works — root, www, or any subdomain. FatDig handles the parsing.
WHOIS, DNS, SSL, redirects, headers, and performance run together — not back-to-back.
Inline summary in the modal, or open the Advanced Dig for charts, copy-buttons, and a print-ready report.
Every check in the Advanced Dig is also available as its own focused tool. Paste a domain, get just that answer.
Raw WHOIS for any registered domain. Registry plus optional registrar referral.
RDAP lookups across all five RIRs (ARIN, RIPE, APNIC, LACNIC, AFRINIC) with redirect following.
Certificate issuer, validity window, SANs, and signature for any HTTPS host.
Full HTTP and HTTPS response headers, side by side, exactly as the server sends them.
Follow the full redirect chain hop by hop, with the status code at each step.
MX and mail-routing records, with quick detection of Google Workspace and Microsoft 365.
SPF, DKIM, DMARC, and CAA in one shot — the records that decide if your mail is trusted and who can issue your certs.
Detect the CMS, framework, server, CDN, analytics, and JS libraries a site is built with.
Scan a homepage for accidentally-exposed API keys and tokens across ~30 known patterns.
Plus Raw Code Viewer, Code Snippets, and FD Classic — or run the Advanced Dig to get all of the above on one page.
Short, plain-language walkthroughs covering what FatDig measures — so when you read a report, you know exactly what each line is telling you.
Registrar vs. registry, those cryptic clientTransferProhibited codes, what the dates really mean — and why the abuse contact matters when something goes wrong.
The three records that decide whether your email lands in inbox, spam, or nowhere. What each one does, how they work together, and the most common ways they break.
Read article →Why the “Valid From” date matters, what the subject alt names are doing, and how to spot a cert that’s about to bite you in production.
Read article →Why locking down which CAs can issue certificates for your domain is a five-minute change that prevents a whole class of attacks — with copy-paste examples.
Read article →A rolling stream of newly-disclosed vulnerabilities — CVEs, advisories, and patch notices from the major security feeds. Useful for spot-checking whether a stack you care about just landed on the radar.