MyCompany.tech now offers four free IT diagnostic tools: a DNS record checker, an SSL certificate inspector, an email security validator, and an HTTP headers analyzer. All four run directly in your browser, no account or software required. Enter a domain or URL and get results in seconds.
The tools are available at mycompany.tech/tools. Here is what each one does and when you would reach for it.
DNS Checker
The DNS Checker queries all record types for any domain in parallel, using Cloudflare's DNS-over-HTTPS resolver, and displays the results in a readable format. You get A, AAAA, MX, TXT, CNAME, NS, SOA, CAA, and SRV records, with each type labeled and explained.
The most useful feature is the zone file download. Once you have run a lookup, you can download a BIND-formatted zone file that is ready to import directly into AWS Route53. This is handy when you are migrating DNS to a new provider and need to move records without manually recreating each one.
Common uses:
- Verify that a DNS change has propagated before telling a client their site is live
- Check that MX records point where you expect before migrating an email platform
- Pull a full export of a domain's DNS before making changes, so you have a reference copy
- Confirm that a new subdomain has the right CNAME in place
SSL Certificate Checker
Browsers show a padlock, but they do not tell you when that padlock expires. The SSL Certificate Checker connects to any hostname and returns the full certificate details: subject, issuer, expiry date, days remaining, Subject Alternative Names, TLS protocol version, and cipher suite.
The result is color-coded based on certificate health. Green means valid with more than 30 days remaining. Yellow means the certificate expires within 30 days. Red means it has already expired.
Common uses:
- Confirm a new certificate is installed and valid before removing an old one
- Audit subdomains that may have been overlooked during a renewal cycle
- Check third-party hostnames (CDN origins, API endpoints, partner services) that your own monitoring may not cover
- Verify that the correct certificate is served, especially after a migration
Email Security Checker
This tool checks the four DNS records that determine whether your outbound email is authenticated and whether your domain is protected against spoofing: MX, SPF, DMARC, and DKIM.
Each check returns a pass, warning, or fail status with a plain-English explanation. DMARC results are interpreted based on the policy value. A p=none policy gets a warning rather than a pass, because monitoring-only DMARC does not actually block spoofed email. A p=quarantine or p=reject policy returns a pass.
For DKIM, the tool checks four common selectors: default, google, selector1, and selector2. These cover most Google Workspace and Microsoft 365 configurations. If your DKIM uses a non-standard selector, the tool will note that no key was found at the common selectors, which is a signal to investigate rather than a definitive fail.
Common uses:
- Confirm that email authentication is correctly configured before switching to a new email provider
- Audit a client's domain before onboarding them for email management
- Verify that a DMARC policy is in place and enforced, not just in monitoring mode
- Check a newly registered domain before it is used for sending
HTTP Headers Inspector
The HTTP Headers Inspector sends a HEAD request to any URL, follows the full redirect chain up to five hops, and categorizes the response headers into four groups: Security, Caching, Content, and Other.
The security section always shows all ten tracked headers, whether they are present or not. Missing headers get a red "Missing" badge. Present headers are graded based on their values. A Strict-Transport-Security header only passes if it includes max-age. An X-Frame-Options header only passes if the value is DENY or SAMEORIGIN. The overall score shows how many of the six most critical security headers are correctly configured.
Common uses:
- Verify that security headers are in place after a site deployment
- Check whether HTTP traffic redirects to HTTPS, and confirm the redirect chain is clean (one hop, not three)
- Confirm that cache-control headers are set correctly on static assets
- Audit a vendor's web application for basic security header hygiene before integrating with it
Why we built these
Most DNS, SSL, and header checking tools either require an account, throttle requests aggressively, or are buried inside a product that is trying to sell you something. We wanted something fast, free, and direct.
These tools are also a practical extension of the work we do for clients. A significant part of managed IT involves diagnosing infrastructure problems quickly, and these are the lookups we run routinely. Making them available as simple browser tools means anyone on your team can check something without needing a terminal or knowing which dig flags to use.
If you run one of these tools and find a problem you are not sure how to fix, the contact form is right there.