Free AI-powered domain, DNS, IP and security tools — 50+ diagnostics in one place.
DomainScan is a unified diagnostic platform for domain owners, security engineers and developers. Run WHOIS, DNS, IP intelligence, SSL/TLS, security headers, email authentication (SPF, DMARC, DKIM), blacklist checks and developer utilities — every tool free, anonymous, and backed by an AI layer that explains what each result means. Built for people who would rather diagnose a problem in 30 seconds than juggle ten paid vendors.
Domain intelligence — WHOIS, DNS, SSL, email auth
Ten domain diagnostic tools covering the full stack from registration data to email security posture. Every endpoint also exposed as a public REST API.
WHOIS + RDAP for any domain — owner, registrar, creation date, expiry, nameservers, status codes. Free, no signup.
Query A, AAAA, MX, TXT, CNAME, NS, SOA, CAA records. Troubleshoot resolution and verify zone configuration.
Check propagation across 30+ resolvers worldwide. See which regions have your new record, which still cache the old one.
Composite 0–100 score over DNS, SSL, WHOIS, blacklist, email auth — detect scam, expired or misconfigured domains in one scan.
Verify NS records, response times, health scores and provider distribution across your authoritative nameservers.
Audit your email authentication posture — SPF lookups, DMARC policy strength, DKIM key validation with AI recommendations.
Capture desktop and mobile screenshots of any URL — configurable viewport, quality and wait time. Great for visual regressions.
Check if a site is visible to ChatGPT, Claude, Perplexity. Scores robots.txt AI policy, llms.txt presence, JSON-LD, SSR, sitemap.
Network diagnostics and IP intelligence
Eight network and IP tools — geolocation, reverse DNS, blacklist reputation, port scanning, latency analysis, subnet calculations.
Your public IP, geolocation, ISP, ASN, hostname and trust score — instantly, no installation.
Geolocation, ISP, ASN, reverse DNS, organization, trust score for any IPv4 or IPv6 address.
ICMP latency, packet loss, jitter and connection quality assessment for any host.
Hop-by-hop network path with latency and provider info — identify bottlenecks and routing anomalies.
Find all domains hosted on a given IP. Useful for security research and shared-hosting checks.
Check which ports are open on any host — service detection, protocol info, response times.
Query 30+ DNSBL and email blacklists in parallel. Trust score and per-list remediation guidance.
Network address, broadcast, usable hosts, mask in decimal/binary, wildcard mask — CIDR or classful input.
TLS, security headers, and authentication audits
Four security-focused tools that cover certificate validation, HTTP security headers, email authentication, and MAC address intelligence.
Validity, trust chain, key strength, TLS protocol versions, cipher suites, grade. Catches weak keys and stale chains.
HSTS, CSP, X-Frame-Options, Referrer-Policy, Permissions-Policy — graded with hardening recommendations.
Composite email security report — SPF, DMARC, DKIM checked together for full anti-spoofing posture.
Manufacturer, usage type and (where available) location info from any MAC address or OUI prefix.
JWT, hashing, UUID, Base64 — utilities for builders
Five developer utilities you reach for daily. Everything runs in your browser when possible; nothing requires signup.
Build JWTs with custom claims, headers and expiry. HS256/384/512 and RS256/384/512 algorithms supported.
Decode header, payload, signature. Validate expiry, issuer, audience and signing algorithm at a glance.
MD5, SHA-1, SHA-256, SHA-384, SHA-512 hashes for any text or file. Useful for integrity checks and ETags.
v1, v3, v4, v5 UUIDs with namespace support, uppercase/dashes options. Bulk generation supported.
Encode text or files to Base64 and decode back. URL-safe variant supported.
Why teams pick DomainScan over single-purpose tools
DomainScan replaces four to six paid SaaS subscriptions with a single platform. Three reasons teams switch:
- One UI for the whole diagnostic surface WHOIS, DNS, IP, SSL, headers, email auth, blacklist, MAC, port scan, traceroute, JWT, hash, UUID — one consistent UX, one billing relationship, one dashboard for usage and keys.
- AI that runs the actual diagnostic — not a synthetic answer Prism AI selects from 50+ real tools, executes them in parallel, and reasons over the data. No hallucinated WHOIS records, no imaginary certificates.
- Free by default, generous on the paid tier Every tool works anonymously with no signup. Free account gets 100 API credits/month with no card. Paid plans add throughput and SLA — never tool unlocks.
- API-first design Everything on the UI is a public REST endpoint. JSON-only, stable error codes, predictable rate limits, date-pinned versioning. Same data, ready for your dashboards or automations.
Who uses DomainScan and what they do with it
Five recurring use cases across our usage data. If you fit any of these, DomainScan likely consolidates two or three of your current tools:
- Domain owners verifying their own posture Run Domain Health weekly. Catch expired certificates, misconfigured DMARC, blacklist drift, NS-mismatch before customers do.
- Security and SOC analysts investigating fraud Reverse-IP, WHOIS history, blacklist, traffic data — pivot from a single URL to the full infrastructure footprint behind a campaign.
- Web developers debugging deploys DNS propagation, SSL chain, security headers, JWT decoding, hash generation — the diagnostic surface you reach for when staging looks fine but production is broken.
- Email operators tuning deliverability SPF, DMARC, DKIM together. Surface lookup-count overruns, missing reporting, weak alignment — the silent reasons mail hits spam.
- Consumers verifying a site before they pay Domain Health turns the technical signals into one risk score. "Is this checkout page legitimate?" answered in 30 seconds.
What stays free, what the paid plans add
Every tool is free to use anonymously. Paid plans buy throughput, multiple keys and an SLA — not feature unlocks.
- Anonymous (no signup) 20 req/min · 200 req/day per IP. Every tool, every output. Session-only — no key, no account.
- Free account — $0/month 100 API credits/month, 10 req/min, 1,000 req/day, 1 API key. Lift the anonymous limits with no credit card.
- Paid plans — Starter $5 · Pro $18 · Business $82 Higher credits, faster throughput, multiple API keys, 99.5%–99.9% SLA. See /pricing for the per-tier credit budget.
- Same tools across every plan No tools held behind a paywall. Prism AI included on every plan, including Free.
Start with the tool that fits your problem
Four quick entry points by intent. Each opens the relevant tool with a working sample so you can see the output shape before typing your own input.
Run Domain Health Check — composite risk score over registration age, SSL, blacklist, DNS, email auth.
Run the Email Authentication audit — SPF, DMARC, DKIM in one pass with actionable fixes.
Run the DNS Propagation Checker — global resolver status, percentage propagated, response times.
Run the AI SEO Checker — robots.txt, llms.txt, JSON-LD, SSR signals graded for AI citation readiness.