API Docs User Guide

V2 Domain Combined Connections

GET

/api/v2/domain/combined/connections/:domain

Domain DNS History

GET

/api/axon/domain/dns/history/:domain

Domain DNS History - A

GET

/api/axon/domain/dns/history/:domain/A

Domain DNS History - AAAA

GET

/api/axon/domain/dns/history/:domain/AAAA

Domain DNS History - NS

GET

/api/axon/domain/dns/history/:domain/NS

Domain DNS History - NS_FOR

GET

/api/axon/domain/dns/history/:domain/NS_FOR

Domain DNS Hostname

GET

/api/axon/domain/dns/hostname/:domain

Domain DNS Extra

GET

/api/axon/domain/dns/extra/:domain

Domain Subdomains

GET

/api/axon/domain/subdomains/:domain

Domain Osint History

GET

/api/axon/domain/osint/history/:domain

Domain Osint Context

GET

/api/axon/domain/osint/context/:domain

Domain Reputation Quick

GET

/api/axon/domain/reputation/quick/:domain

Domain Pivots

GET

/api/axon/domain/pivots/:domain

Domain Certificates

GET

/api/axon/domain/certificates/:domain

Domain Crawl History

GET

/api/axon/domain/crawl/history/:domain

Domain Registration History

GET

/api/axon/domain/registration/history/:domain

Lookalike Domain

GET

/api/lookalike/domain/:domain

Lookalike Regex

GET

/api/lookalike/regex

Domain Registration Live

GET

/api/axon/domain/registration/live/:domain

IP DNS History

GET

/api/axon/ip/dns/history/:ip

IP DNS History - (CIDR)

GET

/api/axon/ip/dns/history/:ip/:cidr

IP DNS Hostname

GET

/api/axon/ip/dns/hostname/:ip

IP DNS Hostname - (CIDR)

GET

/api/axon/ip/dns/hostname/:ip/:cidr

IP DNS Extra

GET

/api/axon/ip/dns/extra/:ip

IP DNS Extra - (CIDR)

GET

/api/axon/ip/dns/extra/:ip/:cidr

IP Osint History

GET

/api/axon/ip/osint/history/:ip

IP Osint History - (CIDR)

GET

/api/axon/ip/osint/history/:ip/:cidr

IP Reputation Quick

GET

/api/axon/ip/reputation/quick/:ip

IP Osint Context

GET

/api/axon/ip/osint/context/:ip

IP Pivots

GET

/api/axon/ip/pivots/:ip

IP Pivots - (CIDR)

GET

/api/axon/ip/pivots/:ip/:cidr

IP Crawl History

GET

/api/axon/ip/crawl/history/:ip

IP Crawl History - (CIDR)

GET

/api/axon/ip/crawl/history/:ip/:cidr

Hash Pivots

GET

/api/axon/hash/pivots/:hash

String DNS Extra2

GET

/api/axon/string/dns/extra2

String Pivots2

GET

/api/axon/string/pivots2

String Pivots2

GET

/api/axon/string/pivots2/:category

String Registration History2

GET

/api/axon/string/registration/history2

String DNS History

GET

/api/axon/string/dns/history

Profile Usage

GET

/api/profile/usage

Profile Usage Daily

GET

/api/profile/usage/daily

Profile Token

GET

/api/profile/token

Paths

GET

/api/paths

Ping

GET

/api/ping

Advanced Query

GET

/api/axon/advanced/query

Project List

GET

/api/project/list

Project Details

GET

/api/project/:project_id

Project - Indicators

GET

/api/project/:project_id/indicators

Project - Indicators Add

POST

/api/project/:project_id/indicators/add

Project - Indicators Delete

POST

/api/project/:project_id/indicators/delete

Project - Indicators Add_note

POST

/api/project/:project_id/indicators/add_note

Project - Alerts Dates

GET

/api/project/:project_id/alerts/dates

Project - Alerts Latest

GET

/api/project/:project_id/alerts/latest

Project - Alerts

GET

/api/project/:project_id/alerts/:date

Threat Names

GET

/api/threat/names

Threat Group - Summary

GET

/api/threat/group/:threat_key/summary

Threat Group - Indicators

GET

/api/threat/group/:threat_key/indicators

Threat Group - Reports

GET

/api/threat/group/:threat_key/reports

Threat Indicators Recent

GET

/api/threat/indicators/recent

Threat Reports Recent

GET

/api/threat/reports/recent

Validin API Documentation

Welcome to the Validin API documentation. Our APIs provide programmatic access to Validin's DNS, host response, open source threat intelligence, certificate, and registration history, empowering you to automate investigations, enrich your security tools, and gain deeper insights into the structure and connections of the internet.

What can you do with Validin APIs?

Enrich your security tools: Integrate Validin's data into your SIEM, threat intelligence platform, and other security solutions.
Automate your workflows: Streamline your security operations by automating tasks such as domain analysis, IP reputation checks, and threat hunting.
Integrate with your research tools: Configure popular tools like Synapse and Maltego to pull intelligence from Validin via API.

How to get started

Browse our API documentation: Explore our comprehensive documentation to learn more about each API endpoint and its capabilities.
Try our interactive API explorer: Experiment with our APIs in real-time and see exact results when logged in. Copy and paste the exact code needed to replicate your API searches.
Check out our user guide: Read more about what you can do with Validin in our online user guide.
Create a free community account: Sign up for a Validin community account to try Validin today.

Standard Response

Most query responses use the structure in the following example.

{
  "query_opts": {                     // Inferred or provided query options
    "type": "dom",
    "annotate": false
  },
  "query_key": "example.com",         // Search key
  "status": "finished",
  "records": {                        // Answer hash
    "A": [                            // Type of association mapped to
      {                               // an array of values
        "key": "example.com",         // Key that matched
        "value": "93.184.215.14",     // Value associated with the key
        "value_type": "ip4",          // How the value is interpreted ("dom", "ip4", "ip6", "hash", or "raw")
        "first_seen": 1713463200,     // Unix timestamp of first observation window
        "last_seen": 1727719200       // Unix timestamp of most recent observation window
      }
    ]
  },
  "records_returned": 1,              // Total number of records returned
  "limited": false                    // true if result limited
}