Loading…
Loading…
Free · no signup
Enter a domain to map every subdomain it has ever had a certificate for — and spot the forgotten ones and any that could be hijacked. In plain English, no tech knowledge needed.
Over time most sites collect subdomains — old marketing pages, a help desk, a staging site, a campaign microsite. Many get pointed at a third-party service (a hosting provider, a CDN, a help-desk tool) and then forgotten. If that service later releases the name, an attacker can claim it and serve their own content from your subdomain — phishing your customers, stealing logins, or damaging your brand. That’s a subdomain takeover, and it’s common precisely because nobody’s watching the forgotten corners.
It’s fully passive — we don’t scan or probe anything aggressively. We read public certificate transparency logs (the open record of every certificate ever issued) to list a domain’s subdomains, then do standard DNS lookups to see which still resolve and which point at a service that no longer hosts them. A subdomain we flag as hijackable is one pointing at a third-party service whose target is gone or unclaimed.
Your subdomains change as you launch and retire things. Continuous monitoring — an alert the moment a new subdomain appears or one becomes hijackable — is part of Scorifya Pro. Run a free check above, then turn on monitoring when you’re ready.