API REFERENCE · GET · STABLE

Domain Trust Score API — /api/v1/domain/trust

Aggregates WHOIS, NS, SPF, DMARC, SSL, ~130 DNSBLs, port scan and traffic signals into a single 0–100 Trust Score with per-dimension breakdown and AI-generated recommendations. Expensive — counts as 5 credits.

01 · OVERVIEW

What Domain Trust Score does

Aggregates WHOIS, NS, SPF, DMARC, SSL, ~130 DNSBLs, port scan and traffic signals into a Trust Score (0–100) plus a Trust Grade (Low / Medium / High risk) with per-dimension breakdown and AI recommendations. Expensive — counts as 5 credits. Formerly served as /api/v1/domain/health; the old path is a permanent 301 to /api/v1/domain/trust.

  • Method GET
  • Path /api/v1/domain/trust (legacy alias: /api/v1/domain/health)
  • Stability STABLE
  • Version v2026-07-15
  • Summary Composite Trust Score covering registration, DNS, SSL, email auth, blacklist and reputation.
02 · PARAMETERS

Request parameters

Pass these as query-string parameters (or, where indicated, in the request headers). Required params marked required.

  • domain (required) — string Apex domain to score.
  • detailed — boolean, default false Include per-check raw output (5–10x larger payload).
03 · RESPONSE

Response schema

All successful responses follow the standard `{ success: true, data: {...} }` envelope. Notable fields on the data object for this endpoint:

  • data.domain — object Normalised domain parts.
  • data.domainRecord — object Same shape as `/domain/lookup`.
  • data.LocalAnalysis.overall — object Deterministic sub-scores: healthScore (Trust Score), reputationScore, phishingRisk (Low/Medium/High). Field name `healthScore` is preserved for API backward compatibility.
  • data.AiAnalysis.overall_health_score — number Composite Trust Score (0–100). Field name preserved for backward compat; product surface renders this as 'Trust Score'.
  • data.AiAnalysis.risk_level — string Trust Grade — 'Low', 'Medium', or 'High'. Field name preserved for backward compat.
  • data.AiAnalysis.security_recommendations — array<object> Prioritised fix list with `title`, `value`, and `analysis`.
04 · EXAMPLE

Example response

Truncated but representative example for a real Trust Score request:

Sample response
{
  "success": true,
  "data": {
    "domain": {
      "input": "google.com",
      "tld": "com",
      "sld": "google",
      "domain": "google.com"
    },
    "AiAnalysis": {
      "overall_health_score": "92",   // Trust Score (0–100)
      "risk_level":           "Low",  // Trust Grade
      "reputation_score":     "99",
      "phishing_risk":        "5",
      "malware_detection":    "Clean",
      "security_recommendations": []
    },
    "LocalAnalysis": {
      "overall": {
        "healthScore":      92,
        "reputationScore":  95,
        "phishingRisk":     "Low"
      }
    }
  }
}
05 · ERRORS

Error codes

Errors return HTTP status codes paired with stable machine-readable codes. Match on the code field rather than the human-readable message.

  • 400 VALIDATION_ERROR Invalid domain.
  • 503 UPSTREAM_UNAVAILABLE One or more checks timed out — partial results may still be returned.
06 · BEST PRACTICES

Implementation tips

Patterns we recommend when integrating this endpoint:

  • Run nightly per monitored domain, not on every page view.
  • Use `detailed=false` unless you're surfacing per-check evidence to end users.
  • Cache Trust Score responses for at least 30 minutes — the underlying signals rarely move faster than that.
07 · FAQ

Frequently asked questions

  • Why 5 credits per call? This endpoint internally calls 6 other tools plus an AI pass for recommendations.
  • Why does the response body still use `overall_health_score`? The endpoint was renamed from /domain/health to /domain/trust as part of a rebrand, but the JSON response shape is preserved for backward compatibility. `overall_health_score` is the Trust Score, `risk_level` is the Trust Grade. New keys may be added alongside these in a future minor version.
  • Does the old /api/v1/domain/health still work? Yes. It is kept as a permanent alias that hits the same handler with the same response shape. New integrations should use /api/v1/domain/trust.