Live on RapidAPI · Free tier available

Every signal about a domain.
One REST call. Zero glue code.

WHOIS, DNS, SSL certificates, subdomains, and email security — aggregated, normalized, and cached. Built for engineers who need answers, not 6 different libraries.

Start free → Try the live demo

1,000 free requests/mo No credit card to start Edge-cached, sub-second p95

Endpoints in one API

<200ms

Median latency (cached)

99.9%

Uptime target

RDAP

Modern WHOIS protocol

Live demo

See it work in 3 seconds.

Type any domain. We aggregate WHOIS, DNS, SSL, subdomains and email security in a single response. No signup required.

GET /lookup/{domain}

Try: stripe.com openai.com cloudflare.com vercel.com 0 / 5 today

// Click "Run lookup" to see a live response

curl --request GET \
  --url "https://domain-intelligence-osiris.p.rapidapi.com/lookup/github.com" \
  --header "X-RapidAPI-Host: domain-intelligence-osiris.p.rapidapi.com" \
  --header "X-RapidAPI-Key: YOUR_RAPIDAPI_KEY"

import requests

url = "https://domain-intelligence-osiris.p.rapidapi.com/lookup/github.com"
headers = {
    "X-RapidAPI-Host": "domain-intelligence-osiris.p.rapidapi.com",
    "X-RapidAPI-Key": "YOUR_RAPIDAPI_KEY",
}
r = requests.get(url, headers=headers, timeout=15)
data = r.json()
print(data["ssl"]["issuer"], data["whois"]["registrar"])

import fetch from "node-fetch";

const res = await fetch(
  "https://domain-intelligence-osiris.p.rapidapi.com/lookup/github.com",
  { headers: {
      "X-RapidAPI-Host": "domain-intelligence-osiris.p.rapidapi.com",
      "X-RapidAPI-Key": process.env.RAPIDAPI_KEY,
  }}
);
const data = await res.json();
console.log(data.dns.A, data.email_security.spf);

<?php
$ch = curl_init("https://domain-intelligence-osiris.p.rapidapi.com/lookup/github.com");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, [
    "X-RapidAPI-Host: domain-intelligence-osiris.p.rapidapi.com",
    "X-RapidAPI-Key: " . getenv("RAPIDAPI_KEY"),
]);
$data = json_decode(curl_exec($ch), true);
echo $data["subdomains"]["count"];

Why this API

Six signals. One call. Zero glue code.

Stop stitching together python-whois, dnspython, raw socket SSL probes, and three different subdomain enumeration tools. We do it once, properly, and cache the result.

Aggregated & normalized

DNS, WHOIS, SSL, subdomains, email security — combined into one consistent JSON shape. No vendor-specific quirks to handle.

Modern RDAP WHOIS

We use RDAP-first with WHOIS fallback. Structured JSON output, not regex-parsed text. Handles new gTLDs and ccTLDs gracefully.

SSL certificate intel

Issuer, validity window, SANs, key algorithm, days-until-expiry. Detect misconfigured or expiring certs before they break production.

Email security audit

SPF parsing, DMARC policy extraction, MX lookup, DNSBL checks. Find phishing risk and deliverability gaps in seconds.

Edge-cached performance

Redis-backed cache with smart TTLs (DNS 5min, WHOIS 1hr, SSL 6hr). Cached responses return in <100ms. Fresh queries timeout-protected.

Production-ready

Per-endpoint timeouts, structured JSON logging, Prometheus metrics, graceful 502s on upstream failure. Built to live in your monitoring stack.

Endpoints

Six focused endpoints. Or one that returns everything.

Pull just what you need or grab the full picture in a single round trip. All endpoints return consistent JSON, with timestamp and source attribution.

GET/lookup/{domain}

Aggregate everything — DNS + SSL + WHOIS + subdomains + email security in one parallel call. The endpoint most users want.

GET/domain/{d}/dns

A, AAAA, MX, NS, TXT, CNAME, SOA records. All record types resolved in parallel with TTL preserved.

GET/domain/{d}/ssl

Live TLS handshake. Issuer, valid_from, valid_to, days remaining, SANs, signature algorithm, key bits.

GET/domain/{d}/whois

RDAP-first lookup with WHOIS fallback. Registrar, registrant, name servers, creation/expiry dates, status codes.

GET/domain/{d}/subdomains

Subdomain enumeration via crt.sh certificate transparency logs. Deduplicated and sorted.

GET/domain/{d}/email-security

SPF record parse, DMARC policy, MX servers, plus DNSBL reputation across major blocklists.

Pricing

Pay only for what you use.

Billed monthly via RapidAPI. Cancel anytime. Overages are charged per request beyond your monthly quota. Cached responses count the same as fresh.

BASIC

$0/mo

Everything you need to evaluate the API and ship a hobby project.

1,000 requests / month
All 6 endpoints
Edge cache included
No credit card required

Start free

Built for engineers who deal with domains daily.

Our customers use Domain Intelligence to power security tools, sales platforms, registrars, deliverability dashboards, and asset management products.

Security & threat intel

Enrich indicators of compromise. Spot newly registered look-alike domains. Audit certificate issuance and DNS posture during incident response.

Sales & lead enrichment

Look up MX provider, hosting clues, registration age, and corporate email setup before adding a lead to your CRM. Score domains automatically.

Email deliverability

Validate SPF, DMARC, and DKIM-supporting MX setup before sending. Catch policy gaps that hurt sender reputation and inbox placement.

Domain registrars & resellers

Power your customer dashboard with live SSL state, DNS health, and WHOIS info without maintaining your own scraping fleet.

Attack surface management

Continuous subdomain discovery via crt.sh. Track new SSL certificates issued for assets you own. Detect shadow IT before attackers do.

SaaS onboarding

When a customer adds a custom domain, validate DNS, SSL, and ownership signals in one call. Cut onboarding time from minutes to seconds.