Release notes

Feature Update – Direct URL Lookup & Navigation Improvements

Added

• Support for domain lookups via URL parameter (?domain=example.com)
• Unified input handling supporting both GET and POST requests

Improved

• Consistent behavior between manual search and direct URL access

This release introduces support for direct domain lookups via URL, allowing users to query domains using both query parameters and clean path-based URLs. The input handling has been unified to ensure consistent behavior regardless of how a lookup is initiated.

Feature Update – DMARC Delegation & Email Security Improvements

Added

• Display of DMARC resolution path (e.g. _dmarc.domain → provider)
• TXT record source classification (direct vs CNAME-followed)
• Nordicway added as a recognized DNS provider

Improved

• Detection of DMARC records resolved via CNAME delegation
• More accurate DMARC analysis distinguishing direct and delegated configurations
• Clearer DMARC presentation in the Email Security tab
• Improved support for provider-managed email security setups
• DMARC TXT records are no longer shown in DNS data when resolved via CNAME delegation

This release improves the accuracy and transparency of DMARC analysis by introducing support for CNAME-based delegation. The system now correctly identifies when DMARC is managed externally and clearly displays the resolution path. Nordicway has been added as a recognized DNS provider, and DNS data output has been refined to avoid displaying misleading DMARC TXT records when delegation is in use. These changes provide more reliable diagnostics and better insight into real-world email security configurations.

Feature Update – WHOIS Improvements & Stability Fixes

Added

• Combined registry and registrar WHOIS lookups for improved data completeness
• Registrar Information section (IANA ID, Abuse Email, Abuse Phone)
• Registrant Contact section (Country and Email when available)
• Support for updated date across more domain types
• Automatic registrar WHOIS lookup when available
• Added rmail._domainkey to subdomain discovery for improved DKIM detection coverage

Improved

• More accurate domain registration, expiration, and updated dates
• Cleaner and more relevant WHOIS output
• Improved registrar detection and display
• More consistent WHOIS results across different TLDs

This release improves the accuracy and clarity of WHOIS data by combining registry and registrar sources and presenting the results in a more structured format. New sections for Registrar Information and Registrant Contact provide better visibility into domain ownership and registrar details. Subdomain discovery has also been expanded to improve DKIM selector detection. Overall consistency and reliability have been improved across different domain types, ensuring stable and accurate results.

Feature Update – UI Improvements & Microsoft 365 Enhancements

Added

• Tenant type detection (Managed / Federated)
• Tenant brand (when available)
• Tenant region detection
• SharePoint hostname inference
• Confidence score for tenant data
• Tenant Details section
• Tenant Intelligence section
• Centralized release notes system using JSON
• Latest release display on search page
• Clickable Phatcat.dk brand link in navigation
• SPF void lookup detection (RFC 7208 compliant)
• Detailed void lookup diagnostics showing affected mechanisms and domains
• Support for expanded TLD validation including modern and multi-level TLDs
• Improved handling of internationalized domain names (IDN) across all TLDs
• Deterministic warning deduplication system across SPF, DKIM, and DMARC
• Hash-based warning normalization to prevent duplicate diagnostics
• Detection of misaligned DMARC enforcement when SPF and DKIM are both invalid

Improved

• Clear separation between detected services and inferred data
• Microsoft 365 tab layout and readability
• More stable tenant detection without relying on Autodiscover
• Release notes are now easier to maintain and reuse across the UI
• Consistent card-based layout across all intelligence tabs
• Improved visual hierarchy and spacing across the interface
• Reduced nested containers and unnecessary background elements
• Improved Email Security tab layout and readability
• Better distinction between warnings and data in diagnostic views
• Structured domain registration view with clearer data grouping
• DNSSEC section redesigned with integrated DS record display
• Improved Overview tab layout and data prioritization
• Configuration health status indicator for Microsoft 365 (Healthy / Issues / Misconfigured)
• Improved ordering of detected Microsoft 365 services
• Email Security tab now surfaces actionable SPF issues instead of only aggregate counts
• Improved visibility of misconfigured SPF includes and failed DNS lookups
• Resolved duplicate DMARC warnings caused by overlapping validation layers
• Email Security tab now correctly reports missing SPF, DKIM, or DMARC as configuration issues
• Improved consistency between Email Security score and displayed diagnostics
• Normalized warning handling across all analyzers for predictable output

This release introduces major improvements to both the Microsoft 365 intelligence features and the overall user interface. Tenant detection is now more reliable and detailed, while the interface has been standardized across all tabs with improved layout, readability, and data grouping. Email security diagnostics have been enhanced with detailed SPF void lookup detection and a new deterministic warning system, ensuring accurate and non-duplicated diagnostics across SPF, DKIM, and DMARC. Support for modern and multi-level TLDs has been expanded, with improved handling of internationalized domain names (IDN). Misconfigurations such as missing authentication mechanisms are now consistently reflected in both scoring and UI warnings. Registration and DNSSEC views have been refined to provide clearer diagnostics, and release notes are now centrally managed and integrated directly into the application.

Feature Update – Microsoft 365 Tenant Intelligence

Added

• Microsoft 365 tenant identification using OpenID configuration endpoint
• Microsoft 365 tab in Domain Intelligence panel
• Tenant ID extraction and display
• Microsoft 365 service detection (Exchange Online, Autodiscover, Teams, SharePoint)
• Conditional tenant domain display via Autodiscover

Improved

• Microsoft 365 detection logic using MX records and provider fingerprinting
• Prevent A-records derived from CNAME chains
• More accurate service classification based on DNS indicators
• UI separation between DNS data and intelligence analysis

The DNS checker now includes Microsoft 365 tenant intelligence, allowing identification of tenant IDs and associated services directly from domain analysis.

Feature Update – DMARCbis Support

Improved

• Support for DMARCbis np tag (non-existent subdomain policy)
• Validation of np policy values
• Informational notice for DMARCbis policies

The DNS checker now supports emerging DMARCbis policy tags for more accurate analysis.

Feature Update – DKIM Detection Improvements

Improved

• Expanded DKIM selector detection for ProtonMail

Improved detection of ProtonMail DKIM configurations.

Feature Update – Statistics Dashboard & System Improvements

Added

• DNS statistics dashboard
• Email security adoption metrics
• DNS provider distribution analytics
• Top DNS provider rankings
• SPF include statistics
• MX host statistics
• SPF policy distribution analysis
• Average DNS record metrics
• Provider distribution chart (Chart.js)
• Unified navigation bar
• Standalone release notes page

Improved

• Improved DNS provider statistics accuracy
• Modular statistics engine
• Top 10 provider limiting
• Responsive dashboard layout
• Safeguards for empty charts
• Dynamic navigation base path
• Improved provider detection accuracy

Fix

• Corrected DNS provider misclassification
• Fixed broken navigation paths

The DNS checker now provides both detailed per-domain analysis and aggregated DNS ecosystem insights.

Feature Update – Email Security & DNS Analysis Improvements

Added

• Email security scoring system
• DMARC reporting authorization checks
• DMARC enforcement diagnostics
• Detection of SPF-only / DKIM-only reliance
• Subdomain DMARC policy checks
• Misplaced DMARC record detection
• Tabbed Email Security UI
• Aggregated warning panel
• SPF dependency tree visualization

Improved

• CNAME-based DMARC support
• Expanded DMARC diagnostics
• Partial enforcement detection (pct)
• SPF validation improvements
• Recursive SPF analysis
• DKIM validation improvements

Fix

• Duplicate DMARC record prevention
• Improved TXT normalization
• Reduced duplicate DNS records
• Fixed SPF parsing issues
• Correct SPF lookup counting

Results are now more consistent and easier to interpret.

Feature Update – DNSSEC & Performance Improvements

Added

• DNSSEC detection with DS records
• DNS-over-HTTPS (DoH) support
• Smart caching system
• DNSSEC cache indicator
• Automatic cache cleanup

Improved

• Domain existence validation before scan
• Improved DNS failure handling

Improved accuracy, performance, and domain validation.

Feature Update – Stability Update

Improved

• Rate limiting
• WHOIS timeout handling

Backend improvements for stability and responsiveness.

Feature Update – Major UI & Intelligence Upgrade

Added

• Domain Intelligence panel
• Overview tab
• Email Security tab
• Providers tab
• Registration tab
• WHOIS integration
• DNS history improvements

Improved

• Cleaner UI layout
• Improved email security color coding
• Enhanced DNS history usability

DNS checker now provides a cleaner UI and more structured intelligence output.

Feature Update – DNS History

Added

• DNS history tracking (last 10 lookups)
• History tab integration

Initial implementation of DNS history tracking.

Feature Update – Core System Improvements

Added

• Dynamic provider loader
• Dynamic subdomain loader
• Versioned config files

Improved

• Provider detection consolidation
• Release note cleanup