DomainScan API documentation — REST reference for WHOIS, DNS, IP intelligence, SSL, email authentication and security headers.
Complete reference for the DomainScan REST API. 27 endpoints across Domain, Network/IP and Security categories. JSON responses with a consistent envelope, bearer-token auth (or anonymous calls), predictable rate limits, stable error codes and date-pinned versioning. Every endpoint on this site is also a UI tool — switch between them with a click.
Start here
Six short guides covering everything you need before your first integration:
First successful API call with cURL or fetch. Anonymous and authenticated examples side by side.
Bearer tokens, anonymous access, multi-key isolation and how to rotate compromised credentials.
Date-based version tags, stability levels (STABLE, BETA, DEPRECATED) and backward-compatibility guarantees.
Per-plan caps, burst behavior, X-RateLimit-* headers and how to design retries with exponential backoff.
Every error code with HTTP status, machine code, human description and recommended client-side response.
Free 100 credits/mo, Starter $5, Pro $18, Business $82. Credit weights per endpoint.
Domain endpoints — WHOIS, DNS, email authentication
WHOIS / RDAP — owner, age, expiry, nameservers, DNSSEC.
Any record type (A, AAAA, MX, TXT, CNAME, NS, SOA, CAA, SRV, ALL).
Resolver catalogue used across DNS endpoints.
PTR query against a chosen public resolver.
Per-resolver agreement across Google / Cloudflare / OpenDNS / Quad9.
Composite 0–100 Trust Score with AI recommendations.
NS records with optional A/AAAA resolution.
Playwright-rendered PNG/JPEG/PDF captures.
Validate SPF and count DNS lookups.
Inspect DMARC policy, enforcement, reporting.
Selector, public key, key strength, DNSSEC.
GPTBot / ClaudeBot / Perplexity visibility check.
Network / IP endpoints
Caller IPv4/IPv6 with geo, ISP, ASN.
Full geolocation, ISP, ASN, trust score.
ISP/carrier and ASN slice of IP Lookup.
Probe arbitrary TCP ports — open / closed / filtered.
Latency, packet loss and connection stability.
Network path with per-hop latency.
Sweep standard service ports in one call.
Network/broadcast/mask/range from CIDR.
Domains hosted on a given IP.
Security endpoints
Cert, chain, grade, protocols, ciphers.
Intermediate + root validation with missing-link detection.
Multi-source DNSBL + reputation check.
OUI → vendor + country lookup.
Vendor → all assigned OUI blocks.
HSTS / CSP / XFO / referrer / permissions policy.