WHOIS and RDAP, the full DNS surface, SSL and Certificate Transparency history, GeoIP and ASN, email authentication, and company enrichment from nothing but a domain — all from one API. Read public records and answer the questions that matter before you ever fetch a page.
Built for security teams · packaged in the domain-intelligence bundle · see the lead-enrichment recipe.
Raw A / MX / TXT / NS / CNAME / AAAA records from /v1/dns/lookup, and a separate intelligence pass that names the email provider, the nameserver provider, and the SPF / DMARC posture from those records. One request replaces a stack of dig commands and a lookup table.
Live certificate posture from /v1/intel/ssl — issuer, SANs, expiry, days remaining — plus the full Certificate Transparency history for a domain and every subdomain it has ever issued a cert for. Built for renewal monitoring and footprint mapping, not one-off curiosity.
GeoIP and ASN resolution for any public IPv4 or IPv6 address, served from a local database with no per-lookup latency. Map an IP to its country, network operator, and autonomous system without leaving the call you are already making.
WHOIS / RDAP returns the registrar, creation and expiry dates, abuse contacts, and nameservers as structured fields — not a free-text blob you have to parse. Detect when infrastructure quietly changes hands.
Parse and score SPF, DKIM, DMARC, and BIMI for a domain in a single DNS-only call. No SMTP probing, no mail sent — just the published policy and a posture score you can gate deliverability decisions on.
Point /v1/enrich/company at a homepage or about page and get a lite company profile built from public structured data — organization markup, open-graph tags, social profiles, and contact patterns. No third-party company-data feed in the loop.
Drop any of these into a terminal or notebook.
# One call returns the full DNS + provider picture for a domain.
curl -X POST https://api.ollagraph.com/v1/dns/intelligence \
-H "Authorization: Bearer $OLLAGRAPH_API_KEY" \
-H "Content-Type: application/json" \
-d '{"domain": "example.com"}'
# Response includes email_provider, nameserver_provider,
# has_spf, has_dmarc, inferred technologies, and the raw records.# Registrar, key dates, abuse contacts, nameservers — structured.
curl -X POST https://api.ollagraph.com/v1/intel/whois \
-H "Authorization: Bearer $OLLAGRAPH_API_KEY" \
-d '{"domain": "example.com"}'
# Certificate posture for renewal monitoring.
curl -X POST https://api.ollagraph.com/v1/intel/ssl \
-H "Authorization: Bearer $OLLAGRAPH_API_KEY" \
-d '{"domain": "example.com"}'
# Returns issuer, subject, SANs, not_after, days_remaining.import httpx
# Turn a bare domain into a company + infrastructure profile.
key = {"Authorization": "Bearer $OLLAGRAPH_API_KEY"}
dns = httpx.post(
"https://api.ollagraph.com/v1/dns/intelligence",
headers=key, json={"domain": "example.com"},
).json()
company = httpx.post(
"https://api.ollagraph.com/v1/enrich/company",
headers=key, json={"url": "https://example.com"},
).json()
print(dns["email_provider"]) # which provider runs their mail
print(dns["nameserver_provider"]) # which provider runs their DNS
print(company["name"], company["socials"])Every endpoint here reads public, free-to-query data — DNS, Certificate Transparency, RDAP, a local GeoIP database, and the page itself.
A, MX, TXT, NS, CNAME, and AAAA records in one structured response.
Email provider, nameserver provider, SPF and DMARC posture, and inferred technology footprint — layered on the raw lookup.
Registrar, creation and expiry dates, abuse contacts, and nameservers as structured fields.
Issuer, subject, SANs, expiry date, and days remaining — built for monitoring and pipeline-aware renewals.
Every certificate ever issued for the domain or any subdomain, from public CT logs, deduplicated and newest-first.
Discover subdomains from public Certificate Transparency logs — no DNS brute-forcing, no paid feeds.
Parse and score SPF, DKIM, DMARC, and BIMI for a domain. All-DNS, no message ever sent.
Country, region, city, lat/lon, timezone, ASN, and ISP for any public IPv4 or IPv6 — from a local database.
Resolve an IP or AS number to its autonomous system, network operator, and announced prefixes.
Technology stack, contact emails and phones, social profiles, feeds, logos, and favicons from a single page.
A lite company profile from one page — organization markup, og:* tags, social anchors, contact patterns.
Part of the full 145-endpoint surface — browse it as the domain-intelligence bundle or alongside the scraping and crawl families.
DNS lookup returns the raw records — A, MX, TXT, NS, and so on. DNS intelligence layers analysis on top: it names the provider running your email, the provider running your nameservers, whether SPF and DMARC are present, and the technologies it can infer from those records. The intelligence call returns the lookup data too, so you can replace two requests with one.
From public Certificate Transparency logs. The cert-transparency-history endpoint returns every certificate ever issued for the domain or any subdomain, deduplicated and sorted newest-first. The subdomain-enumerate endpoint reads the same logs to surface hostnames a domain has issued certificates for. There is no DNS brute-forcing and no paid feed — it is all public, append-only log data.
Yes. The email-auth endpoint parses and scores SPF, DKIM, DMARC, and BIMI entirely from published DNS records. No SMTP handshake, no message is sent. You get the policy that is published and a posture score you can use to gate sending decisions, all from a single call.
From a local database, so there is no per-lookup network round trip and no third-party rate limit in the path. Pass any public IPv4 or IPv6 address to /v1/intel/geoip for country, region, city, coordinates, timezone, ASN, and ISP, or hit /v1/intel/asn directly to resolve an IP or AS number to its network operator and announced prefixes.
Yes. These endpoints either read public records — DNS, Certificate Transparency, WHOIS / RDAP — or perform a single non-intrusive request against the target. Heavy usage against one domain is rate-limited on our side before the target ever feels pressure.
No. The intelligence family is built on public, free-to-query data sources: the DNS system, public Certificate Transparency logs, RDAP / WHOIS, a local GeoIP and ASN database, and the public HTML and structured data of the page itself. There is no paid breach, reputation, or threat-intel feed in the customer-facing path.
It is real-time and lives in the same API as scraping, crawling, and extraction, behind a single bearer token. You enrich a domain with DNS, certificates, network identity, and a company profile in the same pipeline that fetches its pages — no separate contract, no second SDK, and failed calls auto-refund so a registrar timeout never costs you a credit.
1,000 free credits, one bearer token, failed calls auto-refund. No paid threat-intel feed in the path.