Every signal behind a domain.
One call.

Sales teams, infosec teams, and growth engineers spend hours stitching together WHOIS lookups, certificate logs, DNS queries, and technology detectors. DataSonar returns all of it in a single response, in real time.

Real request
POST https://api.datasonar.dev/v1/dns/intelligence
Authorization: Bearer osk_…

{ "domain": "anthropic.com" }
Real response · 21 ms
{
  "status": "success",
  "domain": "anthropic.com",
  "email_provider": "Google Workspace",
  "nameserver_provider": "Cloudflare",
  "has_spf": true,
  "has_dmarc": true,
  "technologies": [
    "SPF", "Google Search Console",
    "Microsoft 365", "Stripe", "Atlassian"
  ],
  "records": { "A": [...], "MX": [...], "TXT": [...] }
}

Six intelligence endpoints, one key.

POST /v1/dns/lookup

DNS lookup

A, MX, TXT, NS, CNAME, AAAA records in one structured response.

POST /v1/dns/intelligence

DNS intelligence

Detect the email provider, nameserver provider, SPF and DMARC posture, and inferred technology footprint.

POST /v1/intel/ssl

SSL certificate

Issuer, expiry date, days remaining, subject, SANs. Built for monitoring and pipeline-aware renewals.

POST /v1/intel/whois

WHOIS

Registrar, creation and expiry dates, abuse contacts, nameservers — all structured.

POST /v1/intel/page

Page intelligence

Technology stack, contact emails and phones, social profiles, RSS and JSON feeds, every logo and favicon.

POST /v1/verify/email

Email verification

Syntax check, MX lookup, SMTP handshake, catch-all detection, disposable provider check, deliverability score.

Who uses domain intelligence

Sales intelligence platforms

Enrich every account in your pipeline with technology stack, mail provider, and decision-maker email patterns. One call per domain, structured JSON in milliseconds.

Threat intelligence and infosec

Monitor certificate expiry across thousands of domains, flag SPF and DMARC gaps, detect when infrastructure quietly changes hands. All from a single API.

RevOps and ABM

Target by technology footprint. Identify accounts running specific stacks — Stripe, Atlassian, Workspace — without scraping LinkedIn or licensing a separate enrichment vendor.

Competitive monitoring

Track when a competitor's SSL provider changes, when their CDN switches, when a new subdomain appears on a sitemap. Signals you cannot get from a marketing fly-by.

Two lines of code.

Drop intelligence into any pipeline today.

# Get the full domain intelligence picture in one call.
curl -X POST https://api.datasonar.dev/v1/dns/intelligence \
  -H "Authorization: Bearer osk_..." \
  -H "Content-Type: application/json" \
  -d '{"domain": "anthropic.com"}'

Common questions about domain intelligence

What is the difference between DNS lookup and DNS intelligence?
DNS lookup returns the raw records — A, MX, TXT, and so on. DNS intelligence layers analysis on top: it tells you which provider runs your email, which provider runs your nameservers, whether SPF and DMARC are present, and what technologies it can infer from the records. The intelligence call returns the lookup data too, so you can replace two requests with one.
How fast is the intelligence layer?
Most intelligence endpoints return in 20 to 500 milliseconds. DNS lookups are the fastest. WHOIS is the slowest because it depends on third-party registrar responsiveness. We cache aggressively where the underlying data is stable.
How accurate is technology detection?
Page intelligence detects technologies from HTML, response headers, JavaScript signatures, and DNS hints combined. The result is comparable to leading commercial detection vendors. Edge cases — bespoke stacks, internal SaaS — sometimes return partial matches, in which case we err on the side of returning fewer technologies rather than guessing.
Can I verify email deliverability without sending an email?
Yes. The verify endpoint performs an SMTP handshake — it talks to the recipient's mail server up to the point of acceptance, then closes the connection. No message is delivered. The response tells you whether the mailbox exists, whether the domain accepts catch-all, and whether the provider is disposable.
Is this safe to run at scale against the same domain?
Yes. All intelligence endpoints either read public records or perform a single non-intrusive request against the target. Heavy usage against the same domain is rate-limited at our end before the target sees pressure.
How is this different from a tool like BuiltWith?
BuiltWith is excellent for technographic enrichment and historical data. DataSonar's intelligence layer is real-time, ships in the same API as scraping and extraction, and includes DNS, SSL, and WHOIS in the same call. Many teams use both — BuiltWith for historical tech-graph queries, DataSonar for live signals in their pipeline.

Enrich your first 1,000 domains free.

No credit card. Every endpoint included.

Start free Talk to sales