About HostMortem

HostMortem is a free, browser-based diagnostic tool that runs ten independent checks against any domain or IP address in a single pass — DNS, SSL/TLS, HTTP security headers, CORS, IP geolocation, robots.txt and sitemap crawlability, email deliverability (SPF, DKIM, DMARC, BIMI, MTA-STS), WHOIS/RDAP registration data, server performance, and an overall security score.

Why we built it

Most host diagnostic tools cover exactly one angle. You'd run an SSL checker on one site, a DNS propagation tool on another, a security headers scanner on a third, and a separate lookup for SPF and DMARC — copying the same domain into four or five different tabs to get a complete picture. HostMortem exists to collapse that workflow into a single run: type a domain or IP once, and every panel populates in parallel, usually in under two seconds.

It was built by Step41, a small studio that builds developer tools with a "clinical forensics" bent — treat every domain like a case file, and give a straight, unstyled read on its actual condition rather than a marketing-friendly summary.

What makes it different

Three things HostMortem does that most single-purpose checkers don't:

  • Breadth in one run. DNS, SSL, headers, CORS, IP/ASN, robots.txt, full email authentication, WHOIS, performance, and a rolled-up security grade — all from one target, one request.
  • Two reading levels. Every panel in the documentation is written twice: a plain-language "Field Notes" explanation for anyone who just wants to know what a result means, and a technical "Lab Report" for engineers who want the exact query, endpoint, and scoring formula behind it.
  • Nothing is stored. Every diagnostic is a live, read-only probe. Results aren't cached or logged against your domain — run the same target twice and you get two independent snapshots, which is useful for confirming a DNS change actually propagated or a new certificate is live.

How it works, briefly

The site you're looking at is static HTML, CSS, and JavaScript. When you submit a domain, your browser calls a Cloudflare Worker API that fans out to public, authoritative data sources — Cloudflare, Google, and Quad9's DNS-over-HTTPS resolvers, the crt.sh certificate transparency log, TLD-authoritative RDAP servers, ipapi.co for geolocation, and the Tor Project's exit node list, among others. Each panel's exact data source and scoring method is documented on the docs page.

There's no account system, no sign-up, and no rate limiting on the free tool itself — enter a domain and get a full diagnostic. For details on what limited data is collected (analytics, ad delivery) and how it's handled, see the Privacy Policy.

Get in touch

Found a bug, have a feature request, or want to report something that looks wrong in a panel's data? Visit the Contact page.