VOOZH about

URL: https://apify.com/apivault_labs/domain-intelligence-scraper

⇱ Domain Intelligence β€” WHOIS+DNS+SSL+Subdomains Β· Apify

πŸ‘ Domain Intelligence Scraper | $10/1K | WHOIS+DNS+SSL avatar

Domain Intelligence Scraper | $10/1K | WHOIS+DNS+SSL

Pricing

from $10.00 / 1,000 domain analyzeds

Go to Apify Store

Domain Intelligence Scraper | $10/1K | WHOIS+DNS+SSL

WHOIS + DNS + SSL + subdomain lookup for any domain. Perfect for OSINT, security audits, SEO research, lead generation.

Pricing

from $10.00 / 1,000 domain analyzeds

Rating

0.0

(0)

Developer

πŸ‘ Apivault Labs

Apivault Labs

Maintained by Community

Actor stats

0

Bookmarked

4

Total users

2

Monthly active users

2 minutes ago

Last modified

Share

🌐 Domain Intelligence Scraper | $10/1K | WHOIS + DNS + SSL + Subdomains

⚑ Use this Actor in n8n β€” no code

Building no-code workflows in n8n? Install our official community node and drop this Actor straight onto your canvas:

πŸ“¦ n8n-nodes-apivault-domain-intel

Setup (30 seconds): in n8n go to Settings β†’ Community Nodes β†’ Install, paste n8n-nodes-apivault-domain-intel and confirm β†’ add the new node to your workflow β†’ paste your Apify API token β†’ fill in the input and run.

Bulk domain intelligence in one actor. Get WHOIS (registrar, dates, owner), DNS records (A, MX, NS, TXT, CAA), SSL certificate history, subdomain discovery, and HTTP security headers β€” all from a single API call. Perfect for cybersecurity, OSINT, SEO, and B2B enrichment.

✨ Key Features

  • πŸ“‹ WHOIS via RDAP (modern, JSON, fast)
  • 🌐 DNS records via Cloudflare DNS-over-HTTPS (A, AAAA, MX, NS, TXT, CNAME, CAA)
  • πŸ”’ SSL certificate history via crt.sh (certificate transparency logs)
  • πŸ•ΈοΈ Subdomain discovery from SSL certificate SANs (passive OSINT)
  • πŸ›‘οΈ HTTP security headers (HSTS, CSP, X-Frame-Options, Cloudflare/CloudFront detection)
  • πŸ“Š Bulk β€” process 100s of domains in parallel
  • πŸ”’ Zero API keys β€” all public data sources

Input

Single domain deep dive

{
"domains":["apify.com"]
}

Bulk security audit

{
"domains":["company.com","subsidiary.io","legacy.net"],
"extractSubdomains":true,
"maxConcurrency":10
}

DNS + WHOIS only (fast mode)

{
"domains":["lead1.com","lead2.com","lead3.com"],
"extractWhois":true,
"extractDns":true,
"extractSsl":false,
"extractSubdomains":false,
"extractHttp":false
}

Input Parameters

FieldTypeRequiredDescription
domainsstring[]βœ…Domains (URLs or bare). Example: apify.com
extractWhoisbool❌WHOIS via RDAP (default: true)
extractDnsbool❌DNS records (default: true)
extractSslbool❌SSL certificate data (default: true)
extractSubdomainsbool❌Subdomain discovery via crt.sh (default: true)
extractHttpbool❌HTTP response headers (default: true)
maxConcurrencyint❌Parallel lookups (default: 5)
timeoutint❌Timeout per API call (default: 15)

Output

{
"success":true,
"domain":"apify.com",
"whois":{
"registrationDate":"2015-12-17T08:31:32Z",
"expirationDate":"2028-12-17T08:31:32Z",
"lastUpdatedDate":"2024-10-23T11:15:48Z",
"registrar":"Gandi SAS",
"registrantOrg":"Apify Technologies",
"nameservers":["ns1.digitalocean.com","ns2.digitalocean.com"],
"status":["client transfer prohibited"]
},
"dns":{
"a":["18.184.171.89"],
"aaaa":[],
"mx":["10 aspmx.l.google.com.","20 alt1.aspmx.l.google.com."],
"ns":["ns1.digitalocean.com.","ns2.digitalocean.com."],
"txt":["v=spf1 include:_spf.google.com ~all","google-site-verification=..."],
"cname":[],
"caa":["0 issue \"letsencrypt.org\""]
},
"ssl":{
"certCount":847,
"latestIssuer":"C=US, O=Let's Encrypt, CN=R10",
"latestNotBefore":"2026-04-15T10:23:00Z",
"latestNotAfter":"2026-07-14T10:23:00Z",
"latestCommonName":"apify.com"
},
"subdomains":["api.apify.com","console.apify.com","docs.apify.com", ...],
"subdomainCount":47,
"http":{
"finalUrl":"https://apify.com/",
"statusCode":200,
"server":"cloudflare",
"xPoweredBy":"",
"cfRay":"8f9a...abcd-FRA",
"strictTransportSecurity":"max-age=63072000; includeSubDomains",
"contentSecurityPolicy":"default-src 'self'...",
"viaCloudflare":true,
"viaCloudfront":false,
"redirected":true
}
}

Use Cases

πŸ›‘οΈ Cybersecurity Auditing

  • Detect missing HSTS / CSP headers across your domains
  • Find forgotten subdomains (attack surface mapping)
  • Discover expiring SSL certificates
  • Bulk-audit a portfolio after M&A

πŸ” OSINT Investigations

  • Map an organization's entire domain infrastructure
  • Find associated subsidiaries via WHOIS registrant
  • Track nameserver patterns (Cloudflare, Route53, self-hosted)

πŸ“ˆ SEO Research

  • Analyze competitor DNS setup (CDN used, MX = which email provider)
  • Find expiring domains in your niche
  • Detect migration patterns (nameserver changes)

πŸ’Ό B2B Lead Enrichment

  • Get company tech stack signals (Cloudflare, CloudFront, custom server)
  • Identify email provider (MX record β†’ Google, Microsoft, etc.)
  • Estimate company size via subdomain count

🧬 Bulk Domain Audits

  • Feed a list of domains, get a full profile of each
  • Diff over time to spot changes

Pricing

  • $0.01 per domain ($10 per 1,000 domains)
  • All 5 data sources included in one price
  • Pay only for successfully processed domains

How it works

Five independent API calls per domain, all to free public services:

  1. RDAP (rdap.org) β€” modern WHOIS, JSON format, no rate limit for normal use
  2. Cloudflare DoH (cloudflare-dns.com/dns-query) β€” DNS-over-HTTPS, fast and reliable
  3. crt.sh β€” public certificate transparency log, sometimes slow but free
  4. HTTPS HEAD request β€” lightweight, just response headers
  5. crt.sh SAN extraction β€” subdomains from SSL cert history

No proxies needed. No API keys. No rate limit surprises.

Notes

  • WHOIS privacy: many registrars hide owner contact (GDPR). You'll get registrar + dates but often not registrant name.
  • crt.sh can be slow β€” during peak hours, subdomain queries may take 10-20 seconds.
  • Subdomain discovery is passive β€” you only find subdomains that appeared in SSL certs. Not a full port scan.
  • DNS reflects what public DNS servers cache, not the authoritative zone.

Pro tips

  • Security audits: check strictTransportSecurity and contentSecurityPolicy across your assets
  • Lead enrichment: mx containing aspmx.l.google.com = Google Workspace customer
  • Tech stack: server: cloudflare + cf-ray header = hosted behind Cloudflare
  • M&A due diligence: run on both buyer and target domains to spot subsidiaries
  • Combine with our Shopify/WooCommerce scrapers to validate e-commerce tech stack of target companies

You might also like

Domain WHOIS & DNS Lookup - Bulk Domain Intelligence

santamaria-automations/domain-whois-dns

Bulk domain intelligence β€” WHOIS records (registrar, dates, contacts), DNS records (A, MX, TXT, NS), and email provider detection. Perfect for B2B prospecting, security audits, domain monitoring, and data enrichment.

DNS, WHOIS, SPF/DMARC, SSL Domain Audit

jungle_synthesizer/dns-domain-audit

Bulk domain audit covering DNS records, WHOIS registration, SPF/DMARC/DKIM email auth, SSL certificate, and reverse DNS. No browser, no proxy -- pure Node, sub-second per domain.

πŸ‘ User avatar

BowTiedRaccoon

2

Domain WHOIS Lookup - Age, Expiry, Registrar, DNS

george.the.developer/domain-whois-lookup

Look up WHOIS data, domain age, expiration date, registrar, nameservers, and DNS records for any domain. Bulk lookup supported.

19

Domain Intelligence: WHOIS + DNS Bulk Lookup

scrapemint/domain-intelligence

Pass a list of domains, get WHOIS data, DNS records, and inferred signals like email provider, DNS provider, and SPF/DMARC presence. Built for SDRs, brand protection teams, and email deliverability consultants. One row per domain. Pay per lookup.