Network intelligence,
laid bare.
Stop switching between SSL Labs, dig, ifconfig.co, and security header scanners. Everything you need to understand a domain — in one place.
Built for DevOps, SRE, and security engineers who need IP context, DNS health, TLS details, HTTP security headers, and email security posture in the same workflow. Start with lens for a single A+–F health grade, or go deep with the individual tools. Self-hostable, open-source, no account needed.
lens
One domain. Five signals — IP, DNS, TLS, HTTP, and Email — one grade, streamed in real time as each check completes. Use the individual tools below to dig deeper into any finding.
- → IP, DNS, TLS, HTTP, and Email checked in parallel
- → A+–F grade with per-section breakdown
- → Results arrive in real time — no waiting for the slowest check
- → CI-friendly API — gate deploys on a health grade
IP Lookup
Enter any IP — or nothing, to see your own. Get geolocation, ASN,
reverse DNS, and network classification: cloud provider, VPN, Tor
exit node, or known botnet. Works from the browser or curl.
- → Geolocation, ASN & reverse DNS for any address
- → Cloud provider, VPN, Tor & botnet detection
- → JSON, YAML, TOML, CSV — plain text for scripts
- → Batch lookups and field filtering for automation
DNS Inspector
Query multiple DNS resolvers at once and stream results as they arrive. Spot resolver disagreements, trace delegation chains, and audit your domain's full DNS health in one shot.
- → Query, Check, Trace, Compare, Auth, DNSSEC modes
- → Cloudflare, Google, Quad9, Mullvad & more
- → dig-inspired query language with tab completion
- → Streaming results — no waiting for all resolvers
TLS Inspector
Catches what openssl s_client buries in noise.
Full certificate chain, protocol version, cipher strength, and DNS
cross-validation — including broken and expired certs.
- → Full chain: expiry, algorithm, completeness
- → DANE/TLSA validation & CAA record cross-check
- → Multi-IP consistency — detects CDN cert mismatches
- → Intentionally inspects broken & expired certs
HTTP Inspector
Inspect CSP, HSTS, CORS, cookies, and security headers for any URL. Three concurrent probes — HTTPS chain, HTTP port-80 upgrade, and CORS with an evil origin — give you the full picture in one request.
- → Content Security Policy analysis and scoring
- → HSTS validation including preload eligibility
- → CORS probing with simulated cross-origin requests
- → Cookie attribute audit and security header scoring
Email Inspector
DNS-only email security posture analysis. Checks SPF, DKIM, DMARC, MTA-STS, DANE, BIMI, DNSSEC, and more — with an aggregate A–F grade streamed as each check completes.
- → SPF flattening and DKIM key validation
- → DMARC policy analysis with alignment checks
- → MTA-STS, DANE/TLSA, and DNSBL reputation
- → Aggregate A–F grade with per-category breakdown
Learn
Guides on the protocols and concepts behind the tools.