Run a comprehensive security audit across SSL, DNS, DMARC, SPF, CVEs, breaches, and more — in one scan. Get your 0-100 security score instantly.
What Does This Health Check Cover?
Our free domain health check runs the full GuardHound platform in parallel — uptime, certificates, domain intelligence, digital risk, and the eight-dimension risk score — in under 30 seconds.
-
SSL / TLS Certificate — Validates your certificate chain, checks expiry dates, and detects misconfigured certificates.
-
SPF Record — Verifies your SPF record exists and is correctly configured to prevent email spoofing.
-
DMARC Policy — Checks your DMARC record for enforcement level and alignment settings.
-
CVE Vulnerabilities — Fingerprints your server stack and checks the NVD and CISA KEV databases.
-
Data Breach Monitoring — Scans breach databases for compromised credentials associated with your domain.
-
Lookalike Domain Detection — Identifies typosquat variants that could be used for phishing.
-
WHOIS & Registrar — Snapshots your registrar and nameservers to detect hijacking.
-
Google Safe Browsing — Checks your domain against malware, phishing, and unwanted software lists.
-
Subdomain Discovery — Finds subdomains via Certificate Transparency logs.
How We Calculate Your Score
Your domain starts at a perfect score of 100. Each security issue found deducts points based on severity:
Critical issues (expired SSL, known exploited CVEs, active data breaches) carry the highest penalties — up to 25 points each.
Warnings (missing DMARC, SPF softfail, SSL expiring soon) deduct 5-15 points depending on risk level.
Informational findings (best practice recommendations) have minimal or no score impact.
The final score maps to a label: ALL CLEAR (80-100), HEADS UP (50-79), or UNDER THREAT (0-49).
Frequently Asked Questions
What does the domain health score measure?
Your domain health score (0-100) measures your domain's security posture across eight dimensions: uptime, certificates (SSL & Certificate Transparency), DNS, email authentication (SPF/DMARC/DKIM), breach exposure, vulnerabilities (CVEs), and brand / digital risk (lookalikes & abuse).
See the full breakdown →
How is the security score calculated?
Your domain starts at 100 and loses points for each security issue found. Each check category carries a weighted penalty based on severity — critical issues like expired SSL or known CVEs have the highest impact. The final score maps to one of three labels: ALL CLEAR (80-100), HEADS UP (50-79), or UNDER THREAT (0-49).
Is the domain health check really free?
Yes, completely free. You can check any domain without creating an account. The free scan runs the full GuardHound platform across all five pillars and gives you your eight-dimension risk score plus your top findings. Sign up for a free account to see the full report and set up continuous monitoring.
Can I scan any domain or only ones I own?
You can scan any domain. Our scanner only queries publicly available information — the same data anyone can access via DNS lookups, SSL certificate checks, and public databases. To set up continuous monitoring with alerts, you'll need to verify domain ownership.
How often should I check my domain's health?
We recommend checking at least weekly. SSL certificates can expire unexpectedly, DNS records can be modified, and new vulnerabilities are published daily. For best protection, set up automated monitoring with GuardHound to get instant alerts when your score changes.
Protect your domain 24/7
Stop checking manually. GuardHound runs automated scans daily (or hourly on Pro) and alerts you the moment your security score drops.
Start Free Monitoring →
Explore Individual Security Tools
Learn More About Domain Security