Composite 0–100 scores for domains and IPs, derived from registration age, DNSSEC posture, blacklist presence, certificate strength, email authentication and many other signals.
Your unified fortress for domain and IP security — 50+ free AI-powered tools on a single, intuitive platform.
At DomainScan, navigating the complexities of domain and IP security shouldn't require ten different vendors. We built a single comprehensive platform — WHOIS, DNS, IP intelligence, SSL/TLS, email authentication, security headers, blacklist reputation and a conversational Prism AI assistant — that lets one team manage its entire security and observability posture from one place.
What we are trying to fix
Domain and IP intelligence is a fragmented landscape — one tool for WHOIS, another for DNS, a third for SSL, a fourth for email auth, each with its own dashboard, billing, paywall and learning curve. We believe one well-designed surface beats ten mediocre ones:
- One platform for the full diagnostic surface WHOIS, DNS, IP geolocation, SSL/TLS, security headers, SPF/DKIM/DMARC, blacklist, MAC vendor, port scan, traceroute, JWT, hash, UUID — all on one stack with one consistent UX.
- AI that runs the actual diagnostic, not synthesizes one Prism AI selects from 50+ real tools, executes them in parallel, and reasons over the data. No hallucinated WHOIS, no imaginary certificates.
- Free by default, generous on the paid tier Every tool works without an account. Free tier with a key gives 100 API credits/mo. Paid plans add throughput and SLA — never tool unlocks.
- An honest free tier — not a sales funnel No credit card at signup. No drip emails asking you to upgrade. No tools held behind a feature flag. We compete on quality, not friction.
Security powered by AI and machine learning
AI/ML is woven into the fabric of the platform — not bolted on. Four areas where it materially changes the output:
Every raw diagnostic — WHOIS record, DNS table, certificate chain — gets an AI layer that explains what it means, what is unusual, and what to do about it.
Ask any question in plain English. The assistant selects the right tools, runs them, and synthesizes one coherent answer instead of leaving you to stitch five reports together.
We flag patterns that pre-AI tools miss: newly-registered domains with parked nameservers, ASNs hosting clusters of phishing infrastructure, certificates with abnormally short lifetimes.
Why teams pick this over the alternatives
Three things customers tell us repeatedly:
Teams replacing four to six paid SaaS subscriptions with one. The whole diagnostic surface, one billing relationship, one dashboard for usage and keys.
Every public tool works anonymously. You can audit your own domain or test an integration without ever creating an account.
Everything on the UI is a public REST endpoint. JSON-only, stable error codes, predictable rate limits, date-pinned versioning.
Built by domain operators and security engineers who use the platform daily. Bug reports and feature requests get a human reply, usually within 24 hours.
Things we deliberately avoid
Worth saying out loud — these are not on the roadmap:
- We don't sell user data Domain lookups are made against public registries and public DNS — they're not personal data. We don't compile, package or sell user query history.
- We don't gate basic tools behind paywalls WHOIS, DNS, IP lookup, SSL info — these are baseline diagnostic primitives. They're free, forever. Paid plans buy throughput and SLA, not feature unlocks.
- We don't pretend to be a SIEM We're a diagnostic and reconnaissance layer. We integrate well with Splunk, Datadog, Elastic and Sentinel — but we don't replace them.
- We don't run aggressive scans without consent Port scans target the IP you ask about. We don't sweep wide subnets, we don't probe production banking, we don't ship anything that could be confused with reconnaissance against a target you don't own.
Get involved
We're actively looking for product feedback, integration partners and security disclosures.
- Product feedback Open the in-app feedback widget (footer) or send a note via /contact. Every message is read by a human.
- Security disclosure Security findings — please send to [email protected] (PGP key in /.well-known/security.txt). We acknowledge within one business day.
- Partnerships & press Integrations, agency referrals, embeds, MSA paperwork: /contact?topic=partnership.
- Job inquiries We're a small team and hire opportunistically. Send your work and what you'd like to build — we read every email.