π Bulk WHOIS & DNS Lookup - Domain Records API
Pricing
$5.00 / 1,000 domain looked ups
π Bulk WHOIS & DNS Lookup - Domain Records API
Bulk WHOIS + DNS + SSL lookup for a list of domains: registrar, created/expiry dates, domain age, status, nameservers, A/AAAA/MX/TXT/NS/CNAME/SOA and the live TLS certificate. Keyless WhoisXML alternative.
Pricing
$5.00 / 1,000 domain looked ups
Rating
0.0
(0)
Developer
Renzo Madueno
Maintained by CommunityActor stats
0
Bookmarked
2
Total users
1
Monthly active users
3 days ago
Last modified
Categories
Share
π Bulk WHOIS & DNS Lookup β Domain Records API
Paste a list of domains, get back one clean record per domain with everything you'd normally have to stitch together from three different tools: the WHOIS / registration record, the live DNS zone, and the SSL certificate. No API key, no per-lookup subscription, no scraping fragile HTML β this Actor talks to the same first-party, free data sources the registries and DNS themselves expose.
It's a drop-in, pay-as-you-go alternative to WhoisXML API, DomainTools, and the various "DNS lookup API" services, priced per domain instead of per seat or per monthly quota.
What this Actor tells you
For every domain you pass in, three independent questions get answered in parallel:
1. Who owns it and when does it expire? (WHOIS via RDAP)
WHOIS answers "who registered this domain, through whom, and for how long?" β the metadata a domain registry keeps. Instead of parsing the legacy free-text WHOIS protocol (rate-limited, unstructured, different on every TLD), this Actor uses RDAP (Registration Data Access Protocol), the modern JSON successor that every gTLD registry now runs. We bootstrap through rdap.org, which redirects to the authoritative registry for each domain, so .com, .io, .dev, .co.uk and hundreds of others all return structured data.
From RDAP you get:
| Field | Meaning |
|---|---|
registrar | The registrar the domain was registered through (e.g. MarkMonitor Inc., GoDaddy.com, LLC). |
createdDate | When the domain was first registered (ISO 8601). |
updatedDate | When the registration record last changed. |
expiresDate | When the registration lapses if not renewed β the field domain-portfolio owners live and die by. |
domainAgeYears | Age in years, derived from createdDate. A trust/legitimacy signal. |
domainStatus[] | EPP status codes such as client transfer prohibited, server delete prohibited, active. Tells you if the domain is locked or in a risky state. |
nameservers[] | The delegated nameservers the registry has on file (authoritative). |
registrantCountry | The registrant's country, when the registry publishes it (many redact it under GDPR β you'll get null, not a crash). |
2. Where does it actually resolve? (live DNS)
WHOIS is what the registry knows; DNS is what the internet actually does right now. Using Node's built-in resolver we pull the live zone:
| Record | What it's for |
|---|---|
dns.a[] | IPv4 addresses β where the site is hosted. |
dns.aaaa[] | IPv6 addresses. |
dns.mx[] | Mail exchangers, each with its priority. Reveals the email provider (Google Workspace, Microsoft 365, Proofpointβ¦). |
dns.txt[] | TXT records β SPF, domain-verification tokens, DKIM keys, arbitrary metadata. |
dns.ns[] | The nameservers actually answering for the zone. |
dns.cname | Any CNAME at the apex (rare, but present on some hosted setups). |
dns.soa | Start-of-Authority record: primary nameserver, hostmaster, serial, refresh/retry/expire/minttl. The zone's "heartbeat". |
Every record type is resolved independently and any no-data / not-found / timeout degrades to an empty array or null β a domain that legitimately has no AAAA or no MX gives you an honest empty result, never an error.
3. Is its HTTPS healthy? (live SSL certificate)
A single TLS handshake to :443 (with SNI set to the domain) reads the live leaf certificate β the thing your users' browsers see:
| Field | Meaning |
|---|---|
ssl.issuer | The Certificate Authority (e.g. Google Trust Services, DigiCert Inc, Let's Encrypt). |
ssl.validFrom / ssl.validTo | The certificate's validity window (ISO 8601). |
ssl.daysUntilExpiry | Days until the cert expires β the number that pages your on-call at 2 a.m. when it's negative. |
ssl.isValid | Whether the chain validated against the system trust store and we're inside the validity window. |
Domains with no HTTPS listener, a self-signed cert, or a handshake failure return a null cert with isValid: false β gracefully, in one short timeout.
Derived convenience flags
| Field | Logic |
|---|---|
hasWebsite | true if any A or AAAA record exists. |
hasMx | true if the domain publishes MX records (it can receive mail). |
isExpiringSoon | true if the domain registration or the SSL certificate expires within 30 days β your single "needs attention" flag. |
Example input
{"domains": ["google.com", "github.com", "stripe.com"],"maxConcurrency": 5}
You can also paste URLs (https://github.com/features) or emails (jane@stripe.com) β they're reduced to the bare domain automatically. Duplicates are removed.
Example output (one record per domain)
{"domain": "stripe.com","registrar": "SafeNames Ltd.","createdDate": "1995-09-12T04:00:00.000Z","updatedDate": "2024-08-10T12:00:00.000Z","expiresDate": "2027-09-11T04:00:00.000Z","domainAgeYears": 30.8,"domainStatus": ["client transfer prohibited", "server delete prohibited"],"nameservers": ["ns-1087.awsdns-07.org", "ns-1882.awsdns-43.co.uk", "ns-423.awsdns-52.com", "ns-705.awsdns-24.net"],"registrantCountry": null,"dns": {"a": ["198.202.176.231", "198.137.150.231"],"aaaa": [],"mx": [{ "exchange": "aspmx.l.google.com", "priority": 10 },{ "exchange": "alt1.aspmx.l.google.com", "priority": 20 }],"txt": ["v=spf1 include:_spf.google.com ~all"],"ns": ["ns-423.awsdns-52.com", "ns-705.awsdns-24.net"],"cname": null,"soa": {"nsname": "ns-1882.awsdns-43.co.uk","hostmaster": "awsdns-hostmaster.amazon.com","serial": 1, "refresh": 900, "retry": 900, "expire": 1209600, "minttl": 3600}},"ssl": {"issuer": "DigiCert Inc","validFrom": "2026-05-27T00:00:00.000Z","validTo": "2026-09-03T23:59:59.000Z","daysUntilExpiry": 62,"isValid": true},"hasWebsite": true,"hasMx": true,"isExpiringSoon": false,"checkedAt": "2026-07-04T14:30:00.000Z"}
What people use it for
- Domain-portfolio monitoring β run your whole portfolio on a schedule and watch
expiresDate,domainStatusandnameserversfor anything that drifted. Catch a domain about to lapse before a squatter does. - Expiry alerting β filter on
isExpiringSoon(registration or SSL within 30 days) and pipe it into Slack, email or a ticket. One flag, both risks. - Security & threat recon β pull nameservers, mail providers, SSL issuers and registration age across a list of look-alike or phishing domains. A domain registered 4 days ago with a free cert and no MX is a very different animal from a 30-year-old domain on MarkMonitor.
- Lead qualification / enrichment β attach registrar, domain age, MX provider and "has a real HTTPS site" to a list of prospect domains before your sales team touches them. Old domain + Google Workspace MX + valid EV-grade cert = a real business.
- Infra audits & migrations β confirm every domain in an acquisition or migration points at the nameservers, MX and certs you expect.
- Bulk DNS/WHOIS API replacement β wire the Actor's API endpoint into your own app and get structured WHOIS + DNS + SSL without running or paying for three separate services.
A WhoisXML / DNS-Lookup-API alternative
Services like WhoisXML API, DomainTools, and hosted DNS Lookup APIs sell WHOIS, DNS and SSL data behind monthly quotas and per-seat pricing, and each usually covers only one of the three. This Actor:
- Combines all three (WHOIS + DNS + SSL) into one record per domain β one call, not three subscriptions.
- Charges per domain looked up (pay-per-event), so a 40-domain check costs cents and a 40,000-domain portfolio scales linearly β no quota you have to size in advance.
- Uses 100% free, first-party sources (RDAP registries, live DNS, live TLS), so there's no upstream API key to manage or rotate.
- Runs on Apify β schedule it, hit it via API/webhook, export to JSON/CSV/Excel, or chain it into a larger pipeline.
FAQ
Is RDAP the same as WHOIS?
RDAP is the modern, structured, JSON replacement for the legacy WHOIS protocol, mandated by ICANN for gTLDs. You get the same registration facts (registrar, dates, status, nameservers) in a clean, reliable format instead of scraping free text. A few ccTLDs don't yet run RDAP; for those you'll get the DNS + SSL data and null WHOIS fields.
Why is registrantCountry (or registrant name/email) often null?
Post-GDPR, most registries redact personal registrant data by default. When a registry does publish the country, you get it; when it doesn't, you get null β the Actor never guesses.
Why might a domain show hasWebsite: false but still have a valid SSL cert?
hasWebsite is based on A/AAAA records at the exact domain you passed. Some sites only serve on www. or route through a CDN CNAME. The SSL check connects to :443 on the domain and reads whatever cert is presented, so the two can differ β both facts are reported honestly.
How fresh is the data?
Every field is fetched live at run time; checkedAt timestamps each record. DNS and SSL are real-time; RDAP reflects the registry's current record.
Will it crash on a dead or malformed domain?
No. Invalid input, NXDOMAIN, no-HTTPS, RDAP misses and timeouts all degrade to empty arrays / null fields. You always get exactly one record per input domain.
How is it priced?
Pay-per-event: you're charged once per domain successfully looked up (domain-looked-up). Set ACTOR_MAX_TOTAL_CHARGE_USD to hard-cap spend on huge lists.
Automate it
- Schedule the Actor (daily/weekly) over your domain portfolio and route
isExpiringSoon === truerecords to Slack or email β never miss a registration or certificate renewal again. - Call it via API/webhook from your own backend to enrich domains on demand, and read results straight from the dataset as JSON or CSV.
- Chain it: feed the output into a spreadsheet, a BI tool, or the next Actor in an Apify task flow.
Related Actors
- Domain & Email Deliverability Enricher β goes deeper on the email side of the same domains: MX + provider, SPF, DMARC (+ policy), DKIM, and a 0β100 email-security score with low/medium/high deliverability risk. Use it to score domains before cold outreach; use this Actor for the WHOIS/DNS/SSL registration picture.
- Company Enrichment β turn a domain into firmographics (company name, size, industry, socials). Pair it with this Actor to go from a raw domain list to fully-qualified, verified B2B records.
Built for developers, sales-ops and security teams who need WHOIS + DNS + SSL in bulk, priced by the domain instead of by the seat.