Technical reference
Domain Explorer technical details
This reference documents the execution path behind Domain Explorer scans for engineering and security analyst workflows.
Scan status mapping
- Starting the scan of your domain: <domain> — input is normalized to a hostname, stripped of scheme/path, lowercased, and validated.
- Checking DNS setup — resolver-backed queries collect delegated NS, apex records, and mode-specific derived labels/types.
- Finding registration information — registration context is correlated from WHOIS/RDAP metadata used by downstream findings.
- Reviewing provider signals — provider fingerprints, security findings, and reliability checks are calculated with per-finding severity metadata.
- Building your report — findings are grouped by category, weighted into a score/grade, and rendered with raw evidence for analyst review.
Execution pipeline
- Acquisition layer: Parallel DNS-over-HTTPS requests against configured resolver backends with normalization and response shaping.
- Derivation layer: Additional names and record classes are conditionally added by mode (Standard, Deep).
- Analysis layer: Rules produce findings with severity, tags, and evidence payloads instead of only pass/fail values.
- Scoring layer: Category-weighted aggregation computes normalized numeric score and letter grade thresholds.
- Presentation layer: Summary, finding list, and graph data are emitted from the same canonical analysis object.
Analyst notes
Domain Explorer is evidence-forward. Treat the score as triage acceleration, then verify remediation on the raw record outputs and finding evidence attached to each issue.