Audit any domain in 30 seconds — how /d/:domain works

// published 2026-04-17

You can audit any domain on DomBrains in 30 seconds by visiting /d/example.com. No signup, no form, no API key. Here's what that page actually does under the hood and how to use it without wasting time.

What /d/:domain shows

Every public domain profile page runs eight headline checks in parallel and renders the result in a single-screen card grid:

• SSL — cert expiry, issuer, chain depth, TLS version
• DMARC — policy, alignment, reporting addresses
• SPF — record syntax and DNS-lookup count (the 10-lookup ceiling)
• MX — mail server records + detected provider (Google Workspace, MS365, Zoho, etc.)
• NS — authoritative nameservers
• WHOIS — registrar, creation date, expiry date
• DNSSEC — signed or not
• Security Headers — HSTS / CSP / X-Frame-Options / grade

Each card shows a color-coded status pill — [ OK ], [ WARN ], [ CRIT ], [ ERR ] — plus a one-line summary. Click any card to open the full dedicated tool page (SSL Checker, DMARC Checker, etc.) with all the detail.

Cached 24 hours

The profile is cached for 24 hours per domain. That means: the first visitor triggers eight parallel checks (about 3-8 seconds total depending on how slow the slowest tool is), every visitor after that within the 24h window gets the same result instantly from cache.

Practical consequence: if you just changed a DNS record, wait for the TTL window to flush upstream caches, then request /d/yourdomain.com — if it's still showing the old value, it's our 24h cache. Use the dedicated tool page (e.g. DMARC Checker) which has a shorter 1-hour cache, or the DNS Propagation Checker which hits 12 resolvers live.

Embeddable status badges

Each headline check has an embeddable SVG badge: /badge/:domain/:check.svg. Example markdown for your README:

[![SSL](https://dombrains.com/badge/example.com/ssl.svg)](https://dombrains.com/d/example.com)
[![DMARC](https://dombrains.com/badge/example.com/dmarc.svg)](https://dombrains.com/d/example.com)
[![DNSSEC](https://dombrains.com/badge/example.com/dnssec.svg)](https://dombrains.com/d/example.com)

Available :check values: ssl, dmarc, spf, mx, dnssec, security_headers. Badges cache for 1 hour at the edge — fast enough to drop on a high-traffic page.

Schema.org markup

Each profile includes JSON-LD WebPage markup so Google can surface the page as a direct answer when somebody searches "is example.com's SSL valid" or similar queries. We didn't want to bloat the rendered HTML with a thousand structured-data tags — just the basics: domain, overall status, generated timestamp.

What /d/:domain is not

• Not a full security audit. For deeper SSL detail, use SSL Checker which now exposes the full chain, forward-secrecy flag, SHA-256 fingerprint, etc.
• Not a performance test. We check configuration, not response time.
• Not a vulnerability scanner. Nothing active — just public records.
• Not rate-limit-friendly for automation. Use the REST API with a bearer token if you need programmatic access at volume.

Try it

Three examples worth browsing to see the surface:

• /d/google.com — clean, strict DMARC, DNSSEC-signed
• /d/github.com — HSTS preload, full security headers
• /d/yourdomain.com — replace with whatever you're auditing right now

See the full curated list at /popular-domains, or just go run a check.