Live on RapidAPI · Free tier available

Every signal about a domain.
One REST call. Zero glue code.

WHOIS, DNS, SSL certificates, subdomains, and email security — aggregated, normalized, and cached. Built for engineers who need convenience, not 5 different libraries.

Start free → Try the live demo Look up any domain
1,000 free requests/mo No credit card to start Edge-cached, sub-second p95
5-in-1
DNS · WHOIS · SSL · subdomains · email
~50ms
Cached response
1,000/mo
Free — no credit card
MIT
Open source on GitHub
Live demo

See it work in 3 seconds.

Type any domain. We aggregate WHOIS, DNS, SSL, subdomains and email security in a single response.

GET /lookup/{domain}
Try: stripe.com openai.com cloudflare.com vercel.com 0 / 5 today 
// Click "Run lookup" to see a live response
curl "https://domain-intelligence-api.p.rapidapi.com/lookup/example.com" \
  -H "X-RapidAPI-Host: domain-intelligence-api.p.rapidapi.com" \
  -H "X-RapidAPI-Key: YOUR_RAPIDAPI_KEY"
import requests

url = "https://domain-intelligence-api.p.rapidapi.com/lookup/example.com"
headers = {
    "X-RapidAPI-Host": "domain-intelligence-api.p.rapidapi.com",
    "X-RapidAPI-Key": "YOUR_RAPIDAPI_KEY",
}
r = requests.get(url, headers=headers, timeout=15)
data = r.json()
print(data["subdomains"]["count"], "subdomains found")
// Node 18+ has built-in fetch — no import needed
const res = await fetch(
  "https://domain-intelligence-api.p.rapidapi.com/lookup/example.com",
  { headers: {
      "X-RapidAPI-Host": "domain-intelligence-api.p.rapidapi.com",
      "X-RapidAPI-Key": "YOUR_RAPIDAPI_KEY",
  }}
);
const data = await res.json();
console.log(data.dns.A, data.email_security.spf);
<?php
$ch = curl_init("https://domain-intelligence-api.p.rapidapi.com/lookup/example.com");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    "X-RapidAPI-Host: domain-intelligence-api.p.rapidapi.com",
    "X-RapidAPI-Key: YOUR_RAPIDAPI_KEY",
]);
$data = json_decode(curl_exec($ch), true);
curl_close($ch);
echo $data["subdomains"]["count"];
Reports

A polished report — for any domain.

Type any valid domain to see a clean, shareable HTML report. Same DNS, WHOIS, SSL, subdomain, and email-security data as the API — rendered for humans. Bookmarkable, indexed by Google, no signup.

GET /report/{any-domain}
Try one: cloudflare.com github.com stripe.com openai.com vercel.com anthropic.com
Why this API

Five signals. One call. Zero glue code.

Stop stitching together python-whois, dnspython, raw socket SSL probes, and three different subdomain enumeration tools. We do it once, properly, and cache the result.

Aggregated & normalized
DNS, WHOIS, SSL, subdomains, email security — combined into one consistent JSON shape. No vendor-specific quirks to handle.
Modern RDAP WHOIS
We use RDAP-first with WHOIS fallback. Structured JSON output, not regex-parsed text. Handles new gTLDs and ccTLDs gracefully.
SSL certificate intel
Issuer, validity window, SANs, key algorithm, days-until-expiry. Detect misconfigured or expiring certs before they break production.
Email security audit
SPF parsing, DMARC policy extraction, MX lookup, DKIM auto-probed across 29 common selectors. Catch phishing risk and deliverability gaps in one call.
Edge-cached performance
Redis-backed cache with smart TTLs (DNS 5min, WHOIS 1hr, SSL 6hr). Cached responses return in <100ms. Fresh queries timeout-protected.
Production-ready
Per-endpoint timeouts, structured JSON logging, Prometheus metrics, graceful 502s on upstream failure. Built to live in your monitoring stack.
Endpoints

Six focused endpoints. Or one that returns everything.

Pull just what you need or grab the full picture in a single round trip. All endpoints return consistent JSON, with timestamp and source attribution.

Domain Intelligence API

GET/lookup/{domain}
Aggregate everything — DNS + SSL + WHOIS + subdomains + email security in one parallel call. The endpoint most users want. ↑ Try the live demo

DNS Lookup API

GET/domain/{d}/dns
A, AAAA, MX, NS, TXT, CAA, SOA records. All record types resolved in parallel with TTL preserved.

SSL Certificate API

GET/domain/{d}/ssl
Live TLS handshake. Issuer, valid_from, valid_to, days remaining, SANs, signature algorithm, key bits.

WHOIS API

GET/domain/{d}/whois
RDAP-first lookup with WHOIS fallback. Registrar, registrant, name servers, creation/expiry dates, status codes.

Subdomain Enumeration API

GET/domain/{d}/subdomains
Subdomain enumeration via 5 parallel sources — crt.sh, certspotter, hackertarget, rapiddns, and VirusTotal — plus an always-on DNS bruteforce with automatic wildcard filtering and background enrichment aggregating 25+ passive sources for comprehensive coverage. Deduplicated and sorted.

Email Security API (SPF, DMARC, DKIM)

GET/domain/{d}/email-security
SPF record parse, DMARC policy, MX servers, plus DKIM keys auto-probed across 29 common selectors (Google Workspace, Microsoft 365, Mailchimp, SendGrid, Postmark, and more).
Pricing

Pay only for what you use.

Billed monthly via RapidAPI. Cancel anytime. Overages are charged per request beyond your monthly quota. Cached responses count the same as fresh.

BASIC
$0/mo
Everything you need to evaluate the API and ship a hobby project.
  • 1,000 requests / month
  • All 6 endpoints
  • Edge cache included
  • No credit card required
Start free
Most popular
PRO
$9.99/mo
For production apps doing real volume. The sweet spot for most teams.
  • 50,000 requests / month
  • $0.0002 per request
  • Overage: $0.0005 / req
  • 50× the free-tier quota
  • Email support
Choose PRO
ULTRA
$39.99/mo
For SaaS platforms with embedded domain features and growing customer bases.
  • 500,000 requests / month
  • $0.00008 per request
  • 60% cheaper than PRO
  • Overage: $0.0002 / req
  • 10× the PRO quota
  • Email support
Choose ULTRA
MEGA
$149.99/mo
For data platforms, security vendors, and high-volume scanning workloads.
  • 5,000,000 requests / month
  • $0.00003 per request
  • 85% cheaper than PRO
  • Overage: $0.0001 / req
  • 100× the PRO quota
  • Dedicated support channel
Choose MEGA
OTI Labs DomainTools WhoisXMLAPI Sublist3r (OSS)
Free tier1,000 req/mo, no cardNoneLimited trialFree (self-host)
Starting paid plan$9.99/mo$99/mo~$49/mon/a
WHOIS / RDAPRDAP + port-43 WHOIS (4-tier fallback)WHOISWHOIS + RDAP
DNS / SSL / Subdomains / Email security in one callSeparate productsSeparate endpointsSubdomains only
Subdomain sources5 sources + DNS brute + wildcard filterPassive DNS1–2 sourcesBruteforce only
Setup timeMinutes (RapidAPI key)Sales call requiredAccount + verificationManual install + Python deps
Hosted & cachedRun yourself
Source code on GitHubMIT-licensed

Pricing from public marketing pages, May 2026. Plans and features evolve — check each vendor for the latest.

Use cases

Built for engineers who deal with domains daily.

Our customers use Domain Intelligence to power security tools, sales platforms, registrars, deliverability dashboards, and asset management products.

Security & threat intel
Enrich indicators of compromise. Spot newly registered look-alike domains. Audit certificate issuance and DNS posture during incident response.
Sales & lead enrichment
Look up MX provider, hosting clues, registration age, and corporate email setup before adding a lead to your CRM. Score domains automatically.
Email deliverability
Validate SPF, DMARC, and DKIM-supporting MX setup before sending. Catch policy gaps that hurt sender reputation and inbox placement.
Domain registrars & resellers
Power your customer dashboard with live SSL state, DNS health, and WHOIS info without maintaining your own scraping fleet.
Attack surface management
Continuous subdomain discovery via crt.sh. Track new SSL certificates issued for assets you own. Detect shadow IT before attackers do.
SaaS onboarding
When a customer adds a custom domain, validate DNS, SSL, and ownership signals in one call. Cut onboarding time from minutes to seconds.

Ship a domain feature this afternoon.

Free tier · No credit card · Production-ready in one HTTP call.

Get your API key →