docs / domain-intel
Domain Intelligence
Domain, DNS and WHOIS lookups.
base /domain-intel/v19 endpoints
post
/domain-intel/v1/whois1 creditregistration/WHOIS via RDAP (registrar, dates, status, NS, DNSSEC)
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| domain | required | — | The domain to inspect (a bare host like github.com; a full URL or leading www. is accepted and normalized). |
| raw = false | optional | — | If true, also attach the raw upstream RDAP JSON under whois.raw_rdap. |
| include_pii = false | optional | — | If true, return the full WHOIS/RDAP registrant contact. Default false → personal data is dropped (GDPR), organization kept. |
post
/domain-intel/v1/dns1 creditDNS records (A/AAAA/MX/TXT/NS/CNAME/SOA/CAA)
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| domain | required | — | The domain to inspect (a bare host like github.com; a full URL or leading www. is accepted and normalized). |
| types | optional | A · AAAA · MX · TXT · NS · CNAME · SOA · CAA | Which DNS record types to query (comma-separated string or array). Defaults to A,AAAA,MX,TXT,NS,CNAME,SOA,CAA. Other RR types are accepted and passed through to the resolver. |
post
/domain-intel/v1/ssl_certs1 creditSSL/TLS certificates from Certificate Transparency (CT) logs
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| domain | required | — | The domain to inspect (a bare host like github.com; a full URL or leading www. is accepted and normalized). |
| limit = 50 | optional | 1– | Max certificates to return (newest first). Default 50. |
| deep = false | optional | — | If true, query the full crt.sh CT-log history (slower, deeper) instead of the fast certspotter source first. |
post
/domain-intel/v1/subdomains1 creditsubdomain discovery via CT-log cert SANs
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| domain | required | — | The domain to inspect (a bare host like github.com; a full URL or leading www. is accepted and normalized). |
| deep = false | optional | — | If true, query the full crt.sh CT-log history (slower, deeper) instead of the fast certspotter source first. |
post
/domain-intel/v1/availability1 creditdomain registration availability via RDAP
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| domain | required | — | The domain to inspect (a bare host like github.com; a full URL or leading www. is accepted and normalized). |
post
/domain-intel/v1/tld_listfreeIANA TLD list (optionally filtered)
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| search | optional | — | Case-insensitive substring filter over the IANA TLD list (e.g. 'shop' → shop, eshop, bargains…). |
| limit | optional | 1– | Max TLDs to return (0/unset = all ~1500). |
post
/domain-intel/v1/tld_detailfreeTLD metadata + RDAP server (IANA bootstrap)
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| tld | required | — | A top-level domain, with or without a leading dot (e.g. com, io, co.uk). Returns its type + IANA RDAP server(s). |
post
/domain-intel/v1/tech_detect1 credittech-stack fingerprint via response headers/HTML
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| domain | required | — | The domain to inspect (a bare host like github.com; a full URL or leading www. is accepted and normalized). |
post
/domain-intel/v1/full_report3 creditsmerged whois+dns+ssl_certs+subdomains (one call)
| Parameter | Allowed / range | Description | |
|---|---|---|---|
| domain | required | — | The domain to inspect (a bare host like github.com; a full URL or leading www. is accepted and normalized). |
| include_tech = false | optional | — | If true, also run the tech-stack fingerprint as part of full_report. |
| include_pii = false | optional | — | If true, return the full WHOIS/RDAP registrant contact. Default false → personal data is dropped (GDPR), organization kept. |
| deep = false | optional | — | If true, query the full crt.sh CT-log history (slower, deeper) instead of the fast certspotter source first. |
Example request · whois
curl -X POST https://api.reefapi.com/domain-intel/v1/whois \
-H "x-api-key: $REEF_KEY" \
-H "content-type: application/json" \
-d '{"domain":"github.com"}'Response shape
{
"ok": true,
"data": { /* the result */ },
"meta": {
"latency_ms": 240,
"record_count": 12,
"completeness_pct": 100
},
"error": null
}