Free tool · No signup

Find every certificate you forgot.

Paste a root domain. We pull every subdomain from public Certificate Transparency logs and audit each one's TLS certificate — live.

Public CT logs Live TLS handshake No DNS access required

CT log discovery

Every cert issued by a public CA is logged. We query those logs for your root and pull back every subdomain that's ever had a cert.

Live TLS audit

Each subdomain gets a fresh TLS handshake. You see the issuer, validity window, and whether the certificate even matches.

No agents, no access

Just a domain name. The staging box someone stood up in 2022 surfaces alongside production — without you knowing it existed.