API Documentation
The dnschkr API provides programmatic access to WHOIS, DNS, IP intelligence, and email security tools. Build integrations, monitor domains, and automate lookups with a simple REST API.
Base URL
https://dnschkr.com/api/v1/Requirements
- A subscription that covers the endpoints you want to call. A general plan (pricing) covers every endpoint, including IP Intelligence. An IP Intelligence plan has a free tier (1,000 IP lookups/day) and covers only the IP Intelligence endpoint.
- API key generated from your dashboard
Platform guides
Drop-in integrations for common stacks.
- WordPress integration guide — ten production-ready PHP recipes built on a single mu-plugin helper: wp-login.php brute-force defense, WooCommerce checkout fraud scoring, EU-only GDPR banner, hosting-ASN throttling, and bulk WP-CLI enrichment.
Authentication
All API requests require a Bearer token. Generate API keys from your dashboard.
cURL
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/whois?domain=example.com"JavaScript
const res = await fetch('https://dnschkr.com/api/v1/whois?domain=example.com', {
headers: { 'Authorization': 'Bearer dk_live_...',
'Accept': 'application/json'}
});
const { data, meta } = await res.json();Python
import requests
r = requests.get('https://dnschkr.com/api/v1/whois',
params={'domain': 'example.com'},
headers={'Authorization': 'Bearer dk_live_...',
'Accept': 'application/json'})
data = r.json()Note: API keys are shown once at creation. Store them securely. If lost, revoke and create a new key from your dashboard.
Response Format
All successful responses follow a standard envelope with data and meta fields. Properties use camelCase. Dates are ISO 8601 format. Paginated endpoints include a nextCursor in meta.
{
"data": { ... },
"meta": {
"requestId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": "2026-03-03T12:00:00.000Z",
"credits": { "used": 1, "remaining": 49 },
"nextCursor": "..." // only on paginated endpoints
}
}The credits object contains used (credits consumed by this request) and remaining (credits left in current period). Free endpoints return used: 0.
Response Headers
| Header | Description |
|---|---|
X-Credits-Used | Number of credits consumed by this request |
X-Credits-Remaining | Credits remaining in current period |
X-RateLimit-Limit | Maximum requests allowed per day |
X-RateLimit-Remaining | Requests remaining today |
X-RateLimit-Reset | Unix timestamp when rate limit resets (midnight UTC) |
Error Codes
Error responses include a structured error object with machine-readable code, human-readable message, and HTTP status.
{
"error": {
"code": "MISSING_PARAMETER",
"message": "Required parameter 'domain' is missing",
"status": 400
},
"meta": {
"requestId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": "2026-03-03T12:00:00.000Z"
}
}| Code | Status | Description |
|---|---|---|
MISSING_PARAMETER | 400 | Required parameter not provided |
INVALID_PARAMETER | 400 | Parameter value is invalid |
UNAUTHORIZED | 401 | Missing or invalid API key |
FORBIDDEN | 403 | API access requires a paid plan |
NOT_FOUND | 404 | Resource not found |
INSUFFICIENT_CREDITS | 402 | Not enough credits for this request |
RATE_LIMITED | 429 | Daily request limit exceeded |
INTERNAL_ERROR | 500 | Internal server error |
UPSTREAM_ERROR | 502 | Backend service returned an error or is unavailable |
SERVICE_UNAVAILABLE | 503 | Credit system temporarily unavailable |
TIMEOUT | 504 | Backend service timed out |
Rate Limits
Per-key request limits depend on the active subscription. Two product lines are billed separately:
| Product | Plan | Quota |
|---|---|---|
| General API | Starter | 100 requests/day |
| Plus | 100 requests/day | |
| Pro | 1,000 requests/day | |
| IP Intelligence | Free | 1,000 IP lookups/day |
| Indie | 50,000 IP lookups/month | |
| Growth | 300,000 IP lookups/month | |
| Scale | 2,000,000 IP lookups/month |
Rate limit status is included in response headers:
X-RateLimit-Limit- Maximum requests per dayX-RateLimit-Remaining- Requests remaining todayX-RateLimit-Reset- Unix timestamp of next reset (midnight UTC)
When rate limited, the response includes a Retry-After header with the number of seconds until the limit resets.
Credits
API calls consume credits from the active subscription. Credit cost varies by endpoint complexity. Credit balance is included in every response body and headers. Some endpoints (MX, SPF, DKIM, DMARC, Robots.txt) are free and consume no credits.
Cross-product credit rules
- A general plan covers every endpoint, including IP Intelligence (the underlying tool at /ip-address-lookup is the same service).
- An IP Intelligence plan covers only the IP Intelligence endpoint. Its credits do not stack onto DNS Inspector, WHOIS, port scan, or other endpoints.
- Customers holding both a general plan and an IP Intelligence plan see a combined IP Intelligence quota; other endpoints draw only from the general plan's pool.
| Endpoint | Credit Cost |
|---|---|
| WHOIS Lookup | 1 credit |
| Domain Age | 1 credit |
| Domain Expiry | 1 credit |
| Reverse WHOIS | 3 credits |
| Expiring Domains | 3 credits |
| Bulk WHOIS (per request) | 5 credits |
| DNS Lookup | 1 credit |
| IP Intelligence | 1 credit |
| MX Records | 0 (free) credits |
| SPF Check | 0 (free) credits |
| DKIM Check | 0 (free) credits |
| DMARC Check | 0 (free) credits |
| Port Scan | 2 credits |
| Security Headers | 1 credit |
| Robots.txt Check | 0 (free) credits |
| Reverse NS Lookup | 1 credit |
View your current credit balance and usage history in your dashboard.
GET
/api/v1/whois1 creditRetrieve WHOIS/RDAP registration data for a domain including registrar, dates, nameservers, and status codes.
Try it free at the WHOIS Lookup tool to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to look up (e.g. example.com) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/whois?domain=example.com"Example Response
{
"data": {
"domain": "example.com",
"registrar": "RESERVED-Internet Assigned Numbers Authority",
"createdDate": "1995-08-14T04:00:00Z",
"expiresDate": "2026-08-13T04:00:00Z",
"updatedDate": "2024-08-14T07:01:38Z",
"nameservers": ["a.iana-servers.net", "b.iana-servers.net"],
"statusCodes": ["client delete prohibited", "server update prohibited"],
"domainAge": { "years": 30, "months": 6, "days": 17, "totalDays": 11159 },
"rawRdap": { "..." : "full RDAP response object" }
},
"meta": {
"requestId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": "2026-03-03T12:00:00.000Z",
"credits": { "used": 1, "remaining": 49 }
}
}GET
/api/v1/whois/age1 creditGet the age of a domain computed from its WHOIS creation date.
Try it free at the Domain Age Checker to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to check (e.g. example.com) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/whois/age?domain=example.com"Example Response
{
"data": {
"domain": "example.com",
"createdDate": "1995-08-14T04:00:00Z",
"age": { "years": 30, "months": 6, "days": 17, "totalDays": 11159 },
"registrar": "RESERVED-Internet Assigned Numbers Authority"
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 1, "remaining": 48 } }
}GET
/api/v1/whois/expiry1 creditCheck when a domain expires and how many days remain.
Try it free at the Domain Expiry Checker to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to check (e.g. example.com) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/whois/expiry?domain=example.com"Example Response
{
"data": {
"domain": "example.com",
"expiresDate": "2026-08-13T04:00:00Z",
"daysRemaining": 163,
"status": "active",
"registrar": "RESERVED-Internet Assigned Numbers Authority"
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 1, "remaining": 47 } }
}GET
/api/v1/whois/reverse2 creditsSearch domains by registrar, nameserver provider, TLD, or creation date range. At least one filter parameter is required.
Try it free at the Reverse WHOIS tool to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
registrar | string | Optional | Filter by registrar name (partial match) |
ns_provider | string | Optional | Filter by nameserver provider |
tld | string | Optional | Filter by TLD (e.g. com, net) |
created_after | string | Optional | ISO 8601 date, domains created after |
created_before | string | Optional | ISO 8601 date, domains created before |
cursor | string | Optional | Pagination cursor from previous response |
limit | number | Optional | Results per page (default 25, max 100) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/whois/reverse?registrar=GoDaddy&tld=com&limit=10"Example Response
{
"data": [
{
"domain": "example-domain.com",
"registrar": "GoDaddy.com, LLC",
"createdDate": "2020-01-15T00:00:00Z",
"expiresDate": "2026-01-15T00:00:00Z",
"nameservers": ["ns1.example.com"]
}
],
"meta": {
"requestId": "...",
"timestamp": "...",
"credits": { "used": 3, "remaining": 44 },
"nextCursor": "eyJzZWFyY2hfYWZ0ZXIiOlsiMjAyMC..."
}
}GET
/api/v1/whois/expiring2 creditsFind domains expiring within a specified number of days.
Try it free at the Expiring Domains feed to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
days | number | Required | Days until expiry (1-365) |
tld | string | Optional | Filter by TLD (e.g. com, net) |
keyword | string | Optional | Search keyword in domain name (e.g. solar, crypto) |
match_type | string | Optional | Keyword match mode: starts_with (default), contains, or ends_with |
min_length | number | Optional | Minimum domain label length (1-63, per RFC 1035) |
max_length | number | Optional | Maximum domain label length (1-63, per RFC 1035) |
min_age | number | Optional | Minimum domain age in years |
cursor | string | Optional | Pagination cursor from previous response |
limit | number | Optional | Results per page (default 100, max 100) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/whois/expiring?days=30&tld=com&keyword=solar&match_type=starts_with&limit=25"Example Response
{
"data": [
{
"domain": "expiring-soon.com",
"expiresDate": "2026-03-28T00:00:00Z",
"daysRemaining": 25,
"registrar": "Namecheap, Inc.",
"createdDate": "2015-03-28T00:00:00Z"
}
],
"meta": {
"requestId": "...",
"timestamp": "...",
"credits": { "used": 3, "remaining": 41 },
"nextCursor": "..."
}
}POST
/api/v1/whois/bulk3 creditsLook up WHOIS data for multiple domains in a single request. Maximum 100 domains per request.
Try it free at the WHOIS Lookup tool (single-domain) to sanity-check the response before wiring code.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domains | string[] | Required | Array of domain names (max 100) |
Example Request
curl -X POST -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{"domains":["example.com","example.net"]}' \
"https://dnschkr.com/api/v1/whois/bulk"Example Response
{
"data": [
{
"domain": "example.com",
"registrar": "RESERVED-Internet Assigned Numbers Authority",
"createdDate": "1995-08-14T04:00:00Z",
"expiresDate": "2026-08-13T04:00:00Z",
"nameservers": ["a.iana-servers.net", "b.iana-servers.net"]
},
{
"domain": "example.net",
"registrar": "RESERVED-Internet Assigned Numbers Authority",
"createdDate": "1995-08-14T04:00:00Z",
"expiresDate": "2026-08-13T04:00:00Z",
"nameservers": ["a.iana-servers.net", "b.iana-servers.net"]
}
],
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 5, "remaining": 36 } }
}GET
/api/v1/dns1 creditQuery DNS records for a domain. Supports all major record types.
Try it free at DNS Inspector to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to query |
type | string | Optional | Record type: A, AAAA, MX, NS, TXT, CNAME, SOA, PTR, SRV, CAA (default: A) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/dns?domain=example.com&type=MX"Example Response
{
"data": {
"domain": "example.com",
"type": "MX",
"records": [
{ "priority": 10, "value": "mail.example.com", "ttl": 3600 }
]
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 1, "remaining": 35 } }
}GET
/api/v1/dns-inspector1 creditRun a comprehensive DNS health inspection on a domain. Returns 40+ tests across 11 categories including nameservers, SOA, A/AAAA, MX, security (DNSSEC, zone transfer), TXT (SPF), WWW, and performance.
Try it free at DNS Inspector to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to inspect (e.g. example.com) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/dns-inspector?domain=example.com"Example Response
{
"data": {
"domain": "example.com",
"dns": {
"domain": "example.com",
"categories": {
"parent": [
{ "test": "Authoritative Nameservers", "status": { "text": "Info" }, "info": { "providers": [...] } },
{ "test": "TLD Delegation Check", "status": { "text": "Pass" } }
],
"ns": [
{ "test": "Nameserver Records from Zone", "status": { "text": "Info" } },
{ "test": "Open Recursive Queries", "status": { "text": "Pass" } },
{ "test": "NS Record TTL", "status": { "text": "Pass" } }
],
"soa": [
{ "test": "SOA record", "status": { "text": "Info" } },
{ "test": "SOA Serial Consistency", "status": { "text": "Pass" } }
],
"a": [
{ "test": "A Record Configuration", "status": { "text": "Info" } },
{ "test": "A Record TTL", "status": { "text": "Pass" } }
],
"aaaa": [
{ "test": "IPv6 Configuration", "status": { "text": "Info" } }
],
"mx": [
{ "test": "Mail Server Configuration", "status": { "text": "Info" } },
{ "test": "Mail Server Consistency", "status": { "text": "Pass" } }
],
"security": [
{ "test": "DNSSEC", "status": { "text": "Info" } },
{ "test": "Zone Transfer", "status": { "text": "Info" } }
],
"txt": [
{ "test": "TXT Records", "status": { "text": "Info" } },
{ "test": "SPF Record", "status": { "text": "Pass" } }
],
"www": [
{ "test": "WWW Configuration", "status": { "text": "Pass" } }
],
"performance": [
{ "test": "Analysis Performance", "status": { "text": "Info" } }
]
},
"raw": { "A": [...], "AAAA": [...], "MX": [...], "NS": [...], "TXT": [...], "SOA": [...] }
}
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 1, "remaining": 34 } }
}GET
/api/v1/ip1 creditFull IP intelligence for a single IPv4 or IPv6 address. Returns geolocation, ASN, threat detection, network WHOIS, a classification block (residential / hosting / VPN / Tor / proxy / etc.), a recommendation block with a severity score and suggested action, and an optional named-service block when the IP belongs to a known CDN, cloud platform, or search-engine crawler.
Try it free at the free IP geolocation tool to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
address | string | Required | IPv4 or IPv6 address to look up |
fallback | string | Optional | Set to "full" to opt into a Content API fallback for WHOIS enrichment on cache miss. Slower (adds up to 2 s) but returns more complete network registration data when the edge cache has no record. |
rdns | string | Optional | Set to "false" to skip the reverse DNS lookup and return immediately without waiting for PTR resolution. Useful when latency matters more than rDNS data. When omitted, rDNS is always attempted. |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/ip?address=8.8.8.8"Example Response
{
"data": {
"ip": "8.8.8.8",
"type": "IPv4",
"success": true,
"geo": {
"continent": "North America",
"continentCode": "NA",
"country": "United States",
"countryCode": "US",
"isEu": false,
"region": "California",
"regionCode": "CA",
"city": "Mountain View",
"postal": "94043",
"latitude": 37.4056,
"longitude": -122.0775,
"accuracyRadiusKm": 1000,
"flagEmoji": "🇺🇸",
"capital": "Washington D.C.",
"callingCode": "+1",
"currency": "USD"
},
"network": {
"asn": 15169,
"organization": "GOOGLE",
"isp": "Google LLC",
"networkCidr": "8.8.8.0/24",
"rir": "ARIN",
"reverseDns": "dns.google",
"reverseDnsValid": true
},
"timezone": {
"id": "America/Los_Angeles",
"abbreviation": "PST",
"utcOffset": "-08:00",
"currentTime": "2026-04-27T16:12:34-08:00",
"isDst": false
},
"security": {
"isTor": false,
"isVpn": false,
"isProxy": false,
"isDatacenter": true,
"isRelay": false,
"isBogon": false,
"threatScore": 0,
"threatLevel": "none",
"detectionSources": [],
"detectedServices": ["google-public-dns"],
"ipType": "datacenter"
},
"abuse": {
"networkName": "GOGL",
"description": "Google LLC",
"country": "US"
},
"classification": {
"primaryType": "hosting",
"isResidential": false,
"isMobile": false,
"isBusiness": false,
"isHosting": true,
"isVpn": false,
"isTor": false,
"isProxy": false,
"isResidentialProxy": false,
"isCloudGaming": false,
"isPrivacyRelay": false,
"isBogon": false
},
"recommendation": {
"severity": 0,
"action": "allow",
"score": 0,
"confidence": "high",
"reasons": [],
"summary": "Known Google infrastructure. No threat signals detected."
},
"service": {
"name": "Google Public DNS",
"category": "public-dns"
},
"whois": {
"handle": "NET-8-8-8-0-2",
"rir": "ARIN",
"networkName": "LVLT-GOGL-8-8-8",
"startAddress": "8.8.8.0",
"endAddress": "8.8.8.255",
"cidrList": ["8.8.8.0/24"],
"org": { "name": "Google LLC", "id": "GOGL", "address": "1600 Amphitheatre Parkway, Mountain View, CA 94043, US" },
"abuse": { "email": "[email protected]", "phone": "+1-650-253-0000" },
"technical": { "email": "[email protected]", "phone": null },
"dates": {
"registration": "2014-03-14T00:00:00Z",
"lastChanged": "2014-03-14T00:00:00Z",
"lastQueried": "2026-04-27T00:00:00Z"
},
"status": ["active"],
"contentHash": "abc123",
"contacts": [
{
"category": "general_abuse",
"displayName": "Abuse",
"tier": "standard",
"source": "entity",
"role": "abuse",
"name": "Google LLC",
"org": "Google LLC",
"emails": ["[email protected]"],
"phones": ["+1-650-253-0000"],
"address": null,
"handle": "ABUSE5250-ARIN",
"remarks": null
}
]
},
"whoisStatus": "available",
"meta": {
"dataFreshness": {
"geoliteCity": "2026-04-15",
"geoliteAsn": "2026-04-15",
"torNodes": "2026-04-27",
"cloudRanges": "2026-04-20",
"proxyLists": "2026-04-22"
},
"queryTimeMs": 142,
"cached": false
}
},
"meta": {
"requestId": "550e8400-e29b-41d4-a716-446655440000",
"timestamp": "2026-04-27T00:12:34.000Z",
"credits": { "used": 1, "remaining": 49, "dailyLimit": 50, "isAuthenticated": true }
}
}
// Notes:
// • whoisStatus: "available" — WHOIS data found and returned in whois block
// • whoisStatus: "not_in_data" — IP not present in the RDAP index; whois is null
// • whoisStatus: "block_no_handle" — Block found but has no ARIN/RIPE/APNIC handle; whois is null
// • whoisStatus: "ip_unknown" — IP version not recognisable (rare); whois is null
// • whoisStatus: "skipped" — Content API not configured; whois is null
//
// • service is null for IPs that don't belong to a named service
// • network.reverseDns is null and network.reverseDnsValid is false when PTR lookup fails
// or when rdns=false is passed (network.rdnsSkipped will be true in that case)
// • recommendation.severity: 0=allow, 1=review, 2=block
// • recommendation.confidence: "low" | "medium" | "high"GET
/api/v1/mxFreeLook up MX (Mail Exchange) records for a domain with priority and provider detection.
Try it free at the MX Record Lookup tool to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to check |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/mx?domain=example.com"Example Response
{
"data": {
"domain": "example.com",
"records": [
{ "priority": 10, "exchange": "mail.example.com", "ttl": 3600 }
]
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 0, "remaining": 49 } }
}GET
/api/v1/spfFreeValidate and parse the SPF (Sender Policy Framework) record for a domain. Detects DNS lookup count, void lookups (RFC 7208 §4.6.4), include chain resolution, and policy analysis.
Try it free at the SPF Record Checker to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to check |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/spf?domain=example.com"Example Response
{
"data": {
"domain": "example.com",
"record": "v=spf1 include:_spf.google.com -all",
"valid": true,
"dnsLookups": 4,
"dnsLookupLimit": 10,
"voidLookups": 0,
"voidLookupLimit": 2,
"voidLookupDetails": [],
"mechanisms": [
{ "qualifier": "+", "type": "include", "value": "_spf.google.com" },
{ "qualifier": "-", "type": "all", "value": "" }
],
"includeTree": [{ "domain": "example.com", "lookups": 4, "children": [...], "voidLookup": false }],
"qualifier": "-all"
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 0, "remaining": 49 } }
}GET
/api/v1/dkimFreeLook up and validate the DKIM (DomainKeys Identified Mail) record for a domain.
Try it free at the DKIM Record Checker to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to check |
selector | string | Optional | DKIM selector (default: "default") |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/dkim?domain=example.com&selector=google"Example Response
{
"data": {
"domain": "example.com",
"selector": "google",
"record": "v=DKIM1; k=rsa; p=MIIBIjANBg...",
"valid": true,
"keyType": "rsa",
"keyLength": 2048
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 0, "remaining": 49 } }
}GET
/api/v1/dmarcFreeLook up and parse the DMARC (Domain-based Message Authentication) record for a domain. Verifies external reporting authorization per RFC 7489 §7.1.
Try it free at the DMARC Record Checker to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to check |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/dmarc?domain=example.com"Example Response
{
"data": {
"domain": "example.com",
"record": "v=DMARC1; p=reject; rua=mailto:[email protected]",
"valid": false,
"policy": "reject",
"subdomainPolicy": null,
"alignment": { "spf": "relaxed", "dkim": "relaxed" },
"reporting": {
"aggregate": ["mailto:[email protected]"],
"forensic": [],
"interval": 86400,
"format": "afrf",
"failureOptions": "0"
},
"externalReporting": [{
"uri": "mailto:[email protected]",
"destinationDomain": "thirdparty.com",
"isExternal": true,
"authorized": false,
"authorizationRecord": null
}],
"adoptionLevel": "enforced",
"percentage": 100
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 0, "remaining": 49 } }
}POST
/api/v1/port-scan1 creditScan TCP ports on a target host. Maximum 20 ports per request.
Try it free at the Port Scanner to sanity-check the response before wiring code.
Body Parameters
| Name | Type | Required | Description |
|---|---|---|---|
target | string | Required | Hostname or IP address to scan |
ports | number[] | Required | Array of port numbers (max 20) |
Example Request
curl -X POST -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
-H "Content-Type: application/json" \
-d '{"target":"example.com","ports":[80,443,22]}' \
"https://dnschkr.com/api/v1/port-scan"Example Response
{
"data": {
"target": "example.com",
"results": [
{ "port": 80, "status": "open", "service": "HTTP" },
{ "port": 443, "status": "open", "service": "HTTPS" },
{ "port": 22, "status": "closed", "service": "SSH" }
]
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 2, "remaining": 33 } }
}GET
/api/v1/security-headers1 creditAnalyze HTTP security headers for a URL and get a security grade.
Try it free at the HTTP Security Headers tool to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
url | string | Required | Full URL to analyze (e.g. https://example.com) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/security-headers?url=https://example.com"Example Response
{
"data": {
"url": "https://example.com",
"grade": "B",
"headers": {
"strictTransportSecurity": { "present": true, "value": "max-age=31536000" },
"contentSecurityPolicy": { "present": false, "value": null },
"xFrameOptions": { "present": true, "value": "DENY" },
"xContentTypeOptions": { "present": true, "value": "nosniff" }
},
"recommendations": ["Add Content-Security-Policy header"]
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 1, "remaining": 32 } }
}GET
/api/v1/robotsFreeFetch, validate, and parse a domain's robots.txt file. Returns the raw content, HTTP status, content type, file size, validation warnings, and whether the file is valid. Use the parsed data to build crawl access matrices, security analysis, or SEO audits.
Try it free at the Robots.txt Checker to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
domain | string | Required | Domain name to check (e.g. example.com) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/robots?domain=example.com"Example Response
{
"data": {
"data": {
"domain": "example.com",
"url": "https://example.com/robots.txt",
"statusCode": 200,
"headers": { "content-type": "text/plain", "content-length": "142" },
"content": "User-agent: *\nDisallow: /admin\nAllow: /\n\nSitemap: https://example.com/sitemap.xml",
"contentType": "text/plain",
"isValid": true,
"isHtml": false,
"warnings": [],
"byteLength": 142,
"error": null
},
"meta": {
"cached": false,
"fetchedAt": "2026-03-07T12:00:00.000Z",
"duration": 245
}
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 0, "remaining": 49 } }
}GET
/api/v1/redirect-checkFreeTrace the full HTTP redirect chain for any URL. Returns every hop in the chain with status codes, response headers, timing, resolved IP, and SSL/TLS certificate details per hop. Use this to audit redirect configurations, detect redirect loops, find broken SSL certificates, or analyze SEO redirect chains.
Try it free at the Redirect Checker to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
url | string | Required | URL to trace (e.g. http://example.com or example.com). If no protocol is specified, http:// is assumed. |
userAgent | string | Optional | Custom User-Agent string. Use to test how different crawlers (Googlebot, Bingbot) experience the redirect chain. |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/redirect-check?url=http://example.com"Example Response
{
"data": {
"startUrl": "http://example.com",
"finalUrl": "https://www.example.com/",
"hops": [
{
"hop": 1,
"url": "http://example.com",
"statusCode": 301,
"statusMessage": "Moved Permanently",
"headers": { "location": "https://example.com/", "server": "nginx" },
"timing": 120,
"ip": "93.184.216.34"
},
{
"hop": 2,
"url": "https://example.com/",
"statusCode": 301,
"statusMessage": "Moved Permanently",
"headers": { "location": "https://www.example.com/" },
"timing": 95,
"ip": "93.184.216.34",
"tls": {
"protocol": "TLSv1.3",
"cipher": "TLS_AES_256_GCM_SHA384",
"valid": true,
"subject": "www.example.org",
"issuer": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"validFrom": "2024-01-30T00:00:00.000Z",
"validTo": "2025-03-01T23:59:59.000Z",
"daysRemaining": 182,
"selfSigned": false
}
},
{
"hop": 3,
"url": "https://www.example.com/",
"statusCode": 200,
"statusMessage": "OK",
"headers": { "content-type": "text/html" },
"timing": 88,
"ip": "93.184.216.34",
"tls": {
"protocol": "TLSv1.3",
"cipher": "TLS_AES_256_GCM_SHA384",
"valid": true,
"subject": "www.example.org",
"issuer": "DigiCert Global G2 TLS RSA SHA256 2020 CA1",
"daysRemaining": 182,
"selfSigned": false
}
}
],
"totalHops": 3,
"totalTime": 303,
"isRedirect": true,
"hasLoop": false,
"reachedMaxHops": false
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 0, "remaining": 49 } }
}GET
/api/v1/seo-auditFreeRun a comprehensive on-page SEO audit for any URL. Analyzes meta tags, headings, images, links, structured data, and more.
Try it free at the On-Page SEO Auditor to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
url | string | Required | URL to audit (e.g. https://example.com). If no protocol, https:// is assumed. |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/seo-audit?url=https://example.com"Example Response
{
"data": {
"url": "https://example.com",
"statusCode": 200,
"title": "Example Domain",
"meta": {
"description": "This domain is for use in illustrative examples.",
"robots": "index, follow",
"viewport": "width=device-width, initial-scale=1"
},
"headings": {
"h1": ["Example Domain"],
"h2": [],
"h3": []
},
"links": { "internal": 0, "external": 1, "nofollow": 0 },
"images": { "total": 0, "withoutAlt": 0 },
"structuredData": [],
"performance": { "loadTime": 245, "contentLength": 1256 }
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 0, "remaining": 49 } }
}GET
/api/v1/reverse-ns1 creditFind all domains using a given nameserver. Returns domain names sorted alphabetically with first/last seen dates. Pro plan required.
Try it free at the Reverse Nameserver Lookup tool to sanity-check the response before wiring code.
Query Parameters
| Name | Type | Required | Description |
|---|---|---|---|
ns | string | Required | Nameserver hostname (e.g. ns1.google.com) |
limit | number | Optional | Max domains to return (default: 100, max: 1000) |
offset | number | Optional | Pagination offset (default: 0) |
Example Request
curl -H "Authorization: Bearer dk_live_..." -H "Accept: application/json" \
"https://dnschkr.com/api/v1/reverse-ns?ns=ns1.google.com&limit=10"Example Response
{
"data": {
"nameserver": "ns1.google.com",
"total": 11677,
"limit": 10,
"offset": 0,
"domains": [
{ "domain": "0---0.com", "tld": "com", "firstSeen": "2026-04-10", "lastSeen": "2026-04-10" }
]
},
"meta": { "requestId": "...", "timestamp": "...", "credits": { "used": 1, "remaining": 48 } }
}Ready to get started?
Create an account, choose a plan, and generate your API key.