Security Accelerated

Documentation

Intelligence API

Security Accelerated exposes domain and IP intelligence through a single REST surface tuned for operational triage, enrichment, and automation.

https://api.securityaccelerated.com v0.51.0
support@securityaccelerated.com

Domain Intelligence

WHOIS, DNS, SSL, headers, screenshots, reputation, email security, subdomains, CT logs, BGP and ASN, fingerprinting, and threat intelligence in one request.

POST/v1/domain/lookup
Open endpoint reference

IP Intelligence

GeoIP, ASN, reverse DNS, RDAP abuse contact, and threat intelligence for public IPv4 and IPv6 targets with partial-failure reporting.

POST/v1/ip/lookup
Open endpoint reference

Shared contract

Both APIs use the same authentication model, plan gating, JSON error envelope, and request tracing headers, so client integration stays predictable.

  • Use X-API-Key on every request.
  • Pass X-Client-Request-ID for your own trace IDs.
  • Expect 200 OK with per-lookup errors for partial failures.

Access

Authentication

All requests require an API key passed via the X-API-Key header.

X-API-Key: your-api-key-here

Commercial Model

Plans

Plans control request volume, batch size, and access to premium lookups such as screenshots, reputation, and threat intelligence.

FeatureFreeBasicPro
Rate limit5 req/min30 req/min120 req/min
Domains per request1520
IPs per request1520
Core lookups (WHOIS, DNS, SSL, headers, GeoIP, ASN, RDNS)YesYesYes
Email security, subdomains, CT logs, BGP, fingerprint, abuse contactYesYesYes
Screenshot, reputation, threat intelligence--Yes

Upgrade Paths

Pricing

Start with a free key, then move up when you need larger request batches or premium enrichment.

PlanFeatures
Free 5 req/min, 1 target/request, core lookups Included with any API key
Basic 30 req/min, 5 targets/request, core lookups + email security, subdomains, CT logs, BGP, fingerprint Subscribe
Pro 120 req/min, 20 targets/request, all lookups including screenshot, reputation, and threat intel Subscribe
After subscribing, your API key is shown once on the confirmation page. Capture it immediately because it cannot be retrieved later.
Manage your subscription

Traffic Control

Rate Limiting

Requests are rate-limited per API key with a sliding window. Every response includes headers that let your client adapt without guesswork.

HeaderDescription
X-RateLimit-LimitMaximum requests per minute for your plan
X-RateLimit-RemainingRequests remaining in the current window
Retry-AfterSeconds to wait before retrying on 429

Freshness

Caching

Results are cached for 60 minutes. Each element returns cache_hit so you can distinguish cached and live responses inside batch results.

Use the same cached window expectations across Domain and IP workflows when deciding whether to fan out requests or reuse prior enrichments.

Failure Modes

Error Handling

HTTP errors cover malformed requests, auth failures, feature gating, and server-side faults. Partial lookup failures are returned inside successful responses instead.

StatusMeaning
400 Bad RequestInvalid request body, missing required fields, or invalid target
401 UnauthorizedMissing or invalid API key
403 ForbiddenYour plan does not include this feature
413 Content Too LargeRequest body exceeds the 1 MB limit
429 Too Many RequestsRate limit exceeded; inspect Retry-After
500 Internal Server ErrorUnexpected server-side failure. Contact support@securityaccelerated.com if it persists.

All error responses use the same envelope:

{
  "error": "description of the problem"
}
Sub-lookups can fail without failing the request. In those cases the API still returns 200 OK and surfaces the affected lookup details in the per-result errors array.

Tracing

Request Correlation

Pass an optional X-Client-Request-ID header for end-to-end tracing. The API echoes it back in response headers and includes it in server-side logs.

Release Notes

What's New

v0.51.0 2026-04-16

  • Subdomain enumeration is now subject to a tighter per-plan domain cap (subdomain.max_domains.*). The config keys and defaults shipped earlier; this is the missing enforcement

v0.50.1 2026-04-04

  • Domain normalization now strips any URL scheme (ftp, ssh, etc.), not just http/https

v0.50.0 2026-04-04

  • Domain inputs with paths, ports, query strings, and fragments are now normalized instead of rejected

v0.44.0 2026-04-03

  • DNS lookups now use external resolvers (Google, Cloudflare, OpenDNS) with automatic fallback

v0.41.0 2026-03-29

  • New endpoint: POST /v1/ip/lookup — GeoIP, ASN, reverse DNS, abuse contact, and threat intelligence for IP addresses
  • IP threat intelligence requires a pro plan (same as domain threat_intel)
  • GeoIP and ASN data powered by MaxMind GeoLite2 databases (loaded from disk, refreshable via admin endpoint)

v0.40.0 2026-03-28

  • Domain input validation now rejects ports, paths, query strings, fragments, and userinfo

v0.38.0 2026-03-22

  • Partial lookup failures now include error_count in the response for better client-side observability

v0.36.0 2026-03-19

  • VirusTotal provider is now best-effort when rate-limited instead of failing the whole lookup
  • Added threat intelligence section to API docs

v0.34.0 2026-03-17

  • Added Stripe billing integration with webhook handling and API key provisioning
  • New /billing/success page for post-checkout key retrieval
  • Customer Portal link for subscription management

v0.33.0 2026-03-16

  • Added threat intelligence lookups — VirusTotal, URLhaus, and AlienVault OTX with weighted scoring
  • Threat intel available for pro and admin plans via threat_intel option

v0.32.0 2026-03-15

  • Added BGP/ASN lookups with origin AS, prefix, and RIR information
  • BGP data available for all plans via bgp option

v0.31.0 2026-03-14

  • Added certificate transparency log lookups via crt.sh
  • CT log data available for all plans via ct_logs option

v0.30.0 2026-03-13

  • Added technology fingerprinting — detects web servers, frameworks, CDNs, and more from HTTP headers
  • ~90 built-in detection rules, hot-reloadable via admin endpoint

v0.19.0 2026-03-05

  • Added subdomain enumeration via certificate transparency data
  • Subdomain results included in domain lookup response via subdomains option

v0.18.0 2026-03-04

  • Added X-Client-Request-ID header support for client-supplied request correlation

v0.16.0 2026-03-02

  • Added email security analysis — SPF, DKIM, and DMARC record validation
  • Email security available for all plans via email_security option

v0.15.0 2026-02-28

  • Plan-based limits on domains per request — free: 1, basic: 5, pro: 20

v0.13.0 2026-02-26

  • Added per-plan rate limiting — free: 5/min, basic: 30/min, pro: 120/min

v0.9.0 2026-02-20

  • Added domain reputation lookups with multi-provider scoring (Spamhaus, Google Safe Browsing, PhishTank)
  • Reputation available for pro and admin plans via reputation option

v0.6.0 2026-02-15

  • Added page screenshot capture via headless Chrome
  • Screenshots available for pro and admin plans via screenshot option

v0.3.0 2026-02-10

  • Support for multiple domains per request via domains array

v0.1.0 2026-02-05

  • Initial release — WHOIS, DNS, SSL, and HTTP header lookups with Redis caching
  • API key authentication with plan-based access control