Frequently Asked Questions

Domain Tracker is a comprehensive domain intelligence platform that monitors WHOIS registration data, DNS records, SSL certificates, uptime, security threats, email deliverability, SEO metrics, and brand protection. It's designed for domain portfolio managers, web agencies, security teams, and brand owners who need to monitor and protect their web assets.

Simply sign in with your Google account, and you'll have immediate access to the Domain Tracker dashboard. You can add your first domain by clicking 'Add Domain' and entering any domain name. The system will automatically begin monitoring and collecting data.

Yes! We offer a generous free tier that includes daily credits for monitoring your domains. You can track multiple domains, run scans, and access all core features. Premium plans offer higher limits, priority scanning, and advanced features like brand protection.

You can monitor any publicly accessible domain. This includes domains you own, client domains, competitor domains, or any domain you want to keep an eye on. There are no restrictions on which domains you can add to your dashboard.

Use the 'Import' button in the Domain Tracker dashboard. You can upload a CSV file with your domains (one domain per row), and optionally include columns for type, folder, and tags. The system supports importing thousands of domains at once with progress tracking.

Domain Tracker performs native WHOIS lookups using TCP connections to official WHOIS servers (port 43, RFC 3912). This provides accurate, real-time registration data without relying on third-party APIs. We parse and store the data, allowing you to track changes over time.

We track registrar name, registration date, expiration date, last updated date, nameservers, domain status codes, registrant contact (when not private), admin/tech contacts, and WHOIS privacy status. All changes are logged for historical comparison.

You can configure alerts to notify you when domains are approaching expiration. By default, we alert at 90, 60, 30, 14, and 7 days before expiration. You can customize these thresholds and choose to receive alerts via email or webhook.

Many domain registrars offer WHOIS privacy services that redact personal information from public WHOIS records. This is normal and compliant with GDPR and other privacy regulations. We display whatever information is publicly available in the WHOIS database.

WHOIS data is refreshed during scheduled scans (configurable from hourly to weekly) or when you manually trigger a scan. Free tier users get daily refreshes, while premium users can configure more frequent checks.

We monitor all standard DNS record types including A, AAAA, CNAME, MX, TXT, NS, SOA, CAA, and PTR records. Each record type is tracked separately, and we alert you to any changes.

We periodically resolve DNS records and compare them to previously stored values. When changes are detected (new records, modified values, or deleted records), we log the change and can send you an alert.

Yes. By monitoring nameserver records and comparing resolved IP addresses against expected values, we can detect potential DNS hijacking attempts. Unexpected changes to NS or A records trigger alerts.

Yes, we can check DNS resolution across multiple global DNS servers to verify propagation status. This helps you confirm that DNS changes have propagated worldwide.

DNSSEC (DNS Security Extensions) adds cryptographic signatures to DNS records to prevent tampering. We check whether DNSSEC is enabled and validate the chain of trust to ensure proper configuration.

The SSL grade (A+ to F) is based on multiple factors: certificate validity, chain completeness, key size (minimum 2048-bit RSA or 256-bit ECC), signature algorithm, protocol support (TLS 1.2/1.3), HSTS configuration, and absence of known vulnerabilities. An A+ grade requires all best practices including HSTS with long max-age.

SSL (Secure Sockets Layer) is the predecessor to TLS (Transport Layer Security). Modern secure connections use TLS 1.2 or TLS 1.3, but 'SSL' is still commonly used as a general term. We check for proper TLS configuration and flag deprecated SSL versions as security risks.

We validate the complete certificate chain from the server's leaf certificate through any intermediate certificates to a trusted root CA. Missing intermediates or broken chains cause trust errors in browsers, which we flag.

HSTS (HTTP Strict Transport Security) tells browsers to always use HTTPS for your domain. This prevents downgrade attacks and protects users. We check for the HSTS header, its max-age value, and whether the domain is in the HSTS preload list.

Absolutely! Let's Encrypt certificates are fully supported. Since they have 90-day validity periods, our expiry alerts are especially useful for ensuring timely renewal.

We check domains against 100+ blacklists including Spamhaus, SURBL, URIBL, Google Safe Browsing, PhishTank, and various spam and malware databases. If your domain appears on any blacklist, we alert you immediately.

Reputation scores are calculated based on multiple threat intelligence sources, blacklist presence, historical data, and behavioral analysis. A low reputation score indicates the domain may be associated with spam, malware, or phishing.

We check for Content-Security-Policy (CSP), X-Frame-Options, X-Content-Type-Options, X-XSS-Protection, Referrer-Policy, and Permissions-Policy. Each header is evaluated against best practices and recommendations are provided.

Our brand protection feature monitors Certificate Transparency (CT) logs for new certificates containing your brand name or similar variations. We use advanced algorithms to detect typosquatting, homoglyph attacks, and other impersonation attempts, alerting you to potential phishing sites.

Yes. Through brand protection monitoring, we detect newly registered domains that may be impersonating your brand. We analyze the content for credential harvesting forms, brand imagery, and other phishing indicators.

Check frequency is configurable based on your plan. Free users get checks every 15-60 minutes, while premium users can configure checks as frequent as every minute. More frequent checks mean faster detection of outages.

We perform uptime checks from multiple geographic locations to ensure accurate results and detect regional outages. This helps distinguish between global outages and localized network issues.

A site is considered down if it returns an HTTP error code (5xx), times out after 30 seconds, has connection refused, or returns an invalid/empty response. We retry failed checks before alerting to avoid false positives.

Uptime percentage is calculated as (total time - downtime) / total time × 100. For example, 99.9% uptime allows for approximately 8.76 hours of downtime per year. We track and display this automatically in your dashboard.

We check SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance) records. These are essential for email deliverability and preventing spoofing.

Common SPF issues include: too many DNS lookups (limit is 10), overly permissive rules (+all), missing include statements for your email providers, or syntax errors. We provide specific recommendations for each issue.

DMARC is configured via a TXT record at _dmarc.yourdomain.com. Start with a 'p=none' policy for monitoring, then gradually move to 'quarantine' and finally 'reject' as you verify your email sources. We can help identify your legitimate email sources.

The ideal DMARC policy is 'p=reject' which tells receiving servers to reject emails that fail authentication. However, you should start with 'p=none' to collect reports and identify all legitimate email sources before enforcing stricter policies.

Credits are used for domain scans and monitoring operations. Each action (WHOIS lookup, SSL check, security scan, etc.) costs a certain number of credits. Free users receive daily credits that refresh, while premium users get larger allocations and faster refresh rates.

If you run out of credits, you can wait for your daily refresh, purchase a credit pack, or upgrade your plan. Existing monitoring continues, but new scans and on-demand checks will be paused until credits are available.

Yes, you can cancel your subscription at any time. Your premium features will remain active until the end of your billing period. There are no cancellation fees or long-term commitments.

Yes! Enterprise plans include multiple user seats, SSO integration, custom API limits, dedicated support, and SLA guarantees. Contact us for custom pricing based on your organization's needs.

We offer a 14-day money-back guarantee for first-time subscribers. If you're not satisfied with the service, contact support within 14 days of your first payment for a full refund.

Yes! We provide a REST API for programmatic access to all monitoring data. You can add domains, trigger scans, retrieve results, and configure alerts via API. API access is included in premium plans with rate limits based on your tier.

Yes, you can configure webhook URLs to receive real-time notifications when alerts trigger. Webhooks support custom payloads and can integrate with Slack, Discord, PagerDuty, or any service that accepts HTTP POST requests.

We implement intelligent rate limiting and caching to respect WHOIS server policies. Queries are distributed across time, and results are cached appropriately. This ensures reliable data while avoiding blocks.

Yes. All data is encrypted in transit (TLS 1.3) and at rest. We follow security best practices including regular audits, access controls, and secure development practices. Your domain data is never shared with third parties.

Yes, you can export all your domain data at any time in CSV, JSON, or PDF format. We believe in data portability - your data belongs to you.