LOGIN REGISTER
API Docs User Guide
Domain
Domain DNS History
GET

/​api/​axon/​domain/​dns/​history/​:domain

Domain DNS History - A
GET

/​api/​axon/​domain/​dns/​history/​:domain/​A

Domain DNS History - AAAA
GET

/​api/​axon/​domain/​dns/​history/​:domain/​AAAA

Domain DNS History - NS
GET

/​api/​axon/​domain/​dns/​history/​:domain/​NS

Domain DNS History - NS_FOR
GET

/​api/​axon/​domain/​dns/​history/​:domain/​NS_FOR

Domain DNS Hostname
GET

/​api/​axon/​domain/​dns/​hostname/​:domain

Domain DNS Extra
GET

/​api/​axon/​domain/​dns/​extra/​:domain

Domain Subdomains
GET

/​api/​axon/​domain/​subdomains/​:domain

Domain Osint History
GET

/​api/​axon/​domain/​osint/​history/​:domain

Domain Osint Context
GET

/​api/​axon/​domain/​osint/​context/​:domain

Domain Reputation Quick
GET

/​api/​axon/​domain/​reputation/​quick/​:domain

Domain Pivots
GET

/​api/​axon/​domain/​pivots/​:domain

Domain Certificates
GET

/​api/​axon/​domain/​certificates/​:domain

Domain Crawl History
GET

/​api/​axon/​domain/​crawl/​history/​:domain

Domain Registration History
GET

/​api/​axon/​domain/​registration/​history/​:domain

Lookalike Domain
GET

/​api/​lookalike/​domain/​:domain

Lookalike Regex
GET

/​api/​lookalike/​regex

Domain Registration Live
GET

/​api/​axon/​domain/​registration/​live/​:domain

IP
IP DNS History
GET

/​api/​axon/​ip/​dns/​history/​:ip

IP DNS History - (CIDR)
GET

/​api/​axon/​ip/​dns/​history/​:ip/​:cidr

IP DNS Hostname
GET

/​api/​axon/​ip/​dns/​hostname/​:ip

IP DNS Hostname - (CIDR)
GET

/​api/​axon/​ip/​dns/​hostname/​:ip/​:cidr

IP DNS Extra
GET

/​api/​axon/​ip/​dns/​extra/​:ip

IP DNS Extra - (CIDR)
GET

/​api/​axon/​ip/​dns/​extra/​:ip/​:cidr

IP Osint History
GET

/​api/​axon/​ip/​osint/​history/​:ip

IP Osint History - (CIDR)
GET

/​api/​axon/​ip/​osint/​history/​:ip/​:cidr

IP Reputation Quick
GET

/​api/​axon/​ip/​reputation/​quick/​:ip

IP Osint Context
GET

/​api/​axon/​ip/​osint/​context/​:ip

IP Pivots
GET

/​api/​axon/​ip/​pivots/​:ip

IP Pivots - (CIDR)
GET

/​api/​axon/​ip/​pivots/​:ip/​:cidr

IP Crawl History
GET

/​api/​axon/​ip/​crawl/​history/​:ip

IP Crawl History - (CIDR)
GET

/​api/​axon/​ip/​crawl/​history/​:ip/​:cidr

Hash
Hash Pivots
GET

/​api/​axon/​hash/​pivots/​:hash

String
String DNS Extra2
GET

/​api/​axon/​string/​dns/​extra2

String Pivots2
GET

/​api/​axon/​string/​pivots2

String Pivots2
GET

/​api/​axon/​string/​pivots2/​:category

String Registration History2
GET

/​api/​axon/​string/​registration/​history2

String DNS History
GET

/​api/​axon/​string/​dns/​history

Utils
Profile Usage
GET

/​api/​profile/​usage

Profile Token
GET

/​api/​profile/​token

Paths
GET

/​api/​paths

Ping
GET

/​api/​ping

Advanced Query
GET

/​api/​axon/​advanced/​query

Projects
Project List
GET

/​api/​project/​list

Project Details
GET

/​api/​project/​:project_id

Project - Indicators
GET

/​api/​project/​:project_id/​indicators

Project - Indicators Add
POST

/​api/​project/​:project_id/​indicators/​add

Project - Indicators Delete
POST

/​api/​project/​:project_id/​indicators/​delete

Project - Alerts Dates
GET

/​api/​project/​:project_id/​alerts/​dates

Project - Alerts Latest
GET

/​api/​project/​:project_id/​alerts/​latest

Project - Alerts
GET

/​api/​project/​:project_id/​alerts/​:date

Threats
Threat Names
GET

/​api/​threat/​names

Threat Group - Summary
GET

/​api/​threat/​group/​:threat_key/​summary

Threat Group - Indicators
GET

/​api/​threat/​group/​:threat_key/​indicators

Threat Group - Reports
GET

/​api/​threat/​group/​:threat_key/​reports

Threat Indicators Recent
GET

/​api/​threat/​indicators/​recent

Threat Reports Recent
GET

/​api/​threat/​reports/​recent

Validin API Documentation

Welcome to the Validin API documentation. Our APIs provide programmatic access to Validin's DNS, host response, open source threat intelligence, certificate, and registration history, empowering you to automate investigations, enrich your security tools, and gain deeper insights into the structure and connections of the internet.

What can you do with Validin APIs?

  • Enrich your security tools: Integrate Validin's data into your SIEM, threat intelligence platform, and other security solutions.
  • Automate your workflows: Streamline your security operations by automating tasks such as domain analysis, IP reputation checks, and threat hunting.
  • Integrate with your research tools: Configure popular tools like Synapse and Maltego to pull intelligence from Validin via API.

How to get started

  • Browse our API documentation: Explore our comprehensive documentation to learn more about each API endpoint and its capabilities.
  • Try our interactive API explorer: Experiment with our APIs in real-time and see exact results when logged in. Copy and paste the exact code needed to replicate your API searches.
  • Check out our user guide: Read more about what you can do with Validin in our online user guide.
  • Create a free community account: Sign up for a Validin community account to try Validin today.

Standard Response

Most query responses use the structure in the following example. 

{
  "query_opts": {                     // Inferred or provided query options
    "type": "dom",
    "annotate": false
  },
  "query_key": "example.com",         // Search key
  "status": "finished",
  "records": {                        // Answer hash
    "A": [                            // Type of association mapped to
      {                               // an array of values
        "key": "example.com",         // Key that matched
        "value": "93.184.215.14",     // Value associated with the key
        "value_type": "ip4",          // How the value is interpreted ("dom", "ip4", "ip6", "hash", or "raw")
        "first_seen": 1713463200,     // Unix timestamp of first observation window
        "last_seen": 1727719200       // Unix timestamp of most recent observation window
      }
    ]
  },
  "records_returned": 1,              // Total number of records returned
  "limited": false                    // true if result limited
}