M
API Matrix

SecurityTrails API

Security / API Key Intermediate HTTPS
Varies by plan (check documentation)
42 Score
Grade D
Visit Official Site Compare Alternatives

Overview

SecurityTrails provides detailed DNS and WHOIS history for domains and IP addresses, letting you trace how a domain's configuration has changed over time. You can look up current and historical A records, MX records, nameservers, and registration data. It's valuable for threat hunting, domain investigations, and competitive research.

💡

Beginner Tip

Start with the /v1/domain/{hostname} endpoint to get a quick snapshot of any domain's current DNS records and WHOIS data in one call.

Available Data

IP address information
geographic location
ASN and ISP data

Example Response

JSON Response 
{
  "route": "Line 1",
  "origin": "Station A",
  "destination": "Station B",
  "departure": "08:30",
  "arrival": "09:15",
  "status": "On Time",
  "delays_min": 0
}

Field Reference

hostname The domain name that was queried.
current_dns Present DNS records grouped by type (a, aaaa, mx, ns, soa, txt).
current_dns.a.values List of current A record IP addresses for the domain.
alexa_rank Domain popularity rank (if available).
apex_domain The root domain, useful when you query a subdomain.
subdomain_count Number of known subdomains discovered for this domain.

Implementation Example 

const url = "https://securitytrails.com/corp/apidocs";
// Replace headers or query params with the values required by this API.
const response = await fetch(url, {
  headers: {
  "X-API-Key": "YOUR_API_KEY"
  }
});
if (!response.ok) throw new Error(`Request failed: ${response.status}`);
const data = await response.json();
console.log(data);

What Can You Build?

Note: These code examples are AI-generated and unverified. Always refer to the official API documentation for accurate usage.

Common Errors & Troubleshooting

401 Unauthorized The API key is missing or passed in the wrong header.
SecurityTrails uses the APIKEY header (not Authorization) — ensure it is set correctly in every request.
429 Rate Limit Exceeded Free plans have strict monthly quota limits.
Cache responses for domains you check frequently, and check your usage at securitytrails.com/app/account/usage.
Empty results for some DNS record types Not all domains have all record types (e.g., MX, TXT may be absent).
Check the type field in the response to confirm which record types are present before accessing nested data.

Matrix Score Breakdown

🌐 Reachability 0/30
⚡ Speed 15/20
🔒 Security 15/15
🛠 Developer XP 12/20
✓ Reliability 0/15

Partially tested on Apr 5, 2026

Technical Specifications

Auth API Key
HTTPS REQUIRED
CORS UNKNOWN
Category Security
Difficulty Intermediate
Verified: 2026-04-04

Similar APIs

View All →

Application Environment Verification

82

Application Environment Verification (AEV) is an Android library and API from FingerprintJS that checks whether a user device is safe to use.

API Key Intermediate HTTPS

BinaryEdge

82

BinaryEdge is a cybersecurity platform that continuously scans the entire internet and exposes the results through its API.

API Key Intermediate HTTPS

Botd

82

Botd is an open-source JavaScript library and API from FingerprintJS that detects whether a web visitor is a bot or a real human browser.

API Key Intermediate HTTPS

Bugcrowd

72

The Bugcrowd API gives you programmatic access to your organization's bug bounty program data, including submissions, rewards, and researcher profiles.

API Key Intermediate HTTPS

Censys

44

Censys is an internet-wide scanning platform that lets you search for any internet-connected host, device, or certificate using its REST API.

API Key Intermediate HTTPS