Domain Health & DNS Scanner
DomainLens Pro is a one-tap domain reconnaissance toolkit for IT pros, security analysts, developers, and anyone responsible for a domain.
Type any domain, IP, or URL and DomainLens Pro runs 24+ specialized probes in two parallel phases, then aggregates the results into a single color-graded report. Browse it across ten organized tabs:
• Overview — A–F security grade with a confidence score, top remediation actions, and per-category breakdown
• DNS & WHOIS — A, AAAA, MX, NS, TXT, SOA records, TTLs, registrar, expiry, name servers, registration history
• Identity (RDAP) — RFC 9083 lookup, abuse contact, EPP statuses, transfer history, privacy-redaction detection
• SSL / TLS — full certificate chain, validity, signature algorithm, SANs, OCSP stapling, forward secrecy, and post-quantum readiness (X25519MLKEM768 / SecP256r1MLKEM768)
• Headers — HSTS preload eligibility, CSP nonce/hash analysis, X-Frame-Options, COOP, COEP, Referrer-Policy, Permissions-Policy
• Email — SPF strict alignment, DKIM key strength, DMARC policy + alignment, MTA-STS, TLS-RPT, BIMI, DANE, full mail-server diagnostics
• Web Stack — server fingerprint, technology detection, third-party JS / dependency inventory, JS-derived endpoint discovery
• Exposure — sensitive file probes (.git, .env, robots.txt), CORS misconfigurations, dangerous HTTP methods, exposed login portals
• Infrastructure — ASN, hosting provider, cloud platform (AWS/Azure/GCP/Cloudflare), CDN/WAF detection, GeoIP, anycast detection, RPKI validation, IPv4 + IPv6 reachability
• Intel — DNSSEC validation, CAA records, HTTPS/SVCB records, dangling CNAME detection, zone-transfer test, Certificate Transparency subdomain enumeration, DNSBL reputation, CVE lookup against detected tech via NVD, historical drift tracking
Also handles:
• IPv4 / IPv6 reverse-lookup mode — paste an IP, get the domain back
• Private network mode — paste an internal RFC 1918 IP and get ICMP/HTTP/HTTPS detection, OS fingerprint by TTL, ARP MAC vendor lookup, traceroute (full on Mac; iOS sandbox limits some probes)
• Scan history with one-tap re-scan, offline browsing, sync across devices via Google Sign-In
• Versioned scoring algorithm with confidence weighting and partial-result handling for slow targets
• Post-quantum TLS twin probe to verify hybrid key-exchange support
Built for security pros:
• Full TLS pinning to the scan backend
• No analytics, no ad SDKs, no third-party tracking
• Sign-in is optional — without it, no personal data ever leaves the device• When you do sign in, choose any of: Apple, Google, Microsoft, GitHub, or a one-time email code (no passwords, ever)• Native iPhone, iPad, and Mac Catalyst layouts with platform-appropriate menus and Cmd+1–9 keyboard shortcuts on Mac
No subscription. No upsell.
Chrome-Stats does not own this Apple app. Please use these information below to contact the Apple app developer.