5
Signals
DNS, HTTPS, pages, contact, security
Pre-screen domains, score website trust, and enrich business leads with explainable signals. Deterministic. Fast. Built for onboarding workflows.
50 free checks/month · no card needed · already have an account? Sign in.
No KYB / KYC claims
Pre-screening, not compliance.
Edge-cached worldwide
ms-class warm latency.
Explainable scoring
Insights with evidence.
curl "https://zygentrust-api.salarylab.workers.dev/v1/analyze?domain=example.com" \
-H "Authorization: Bearer zt_test_..." const res = await fetch(
"https://zygentrust-api.salarylab.workers.dev/v1/analyze?domain=example.com",
{ headers: { Authorization: `Bearer ${process.env.ZT_KEY}` } });
const data = await res.json(); import os, requests
res = requests.get(
"https://zygentrust-api.salarylab.workers.dev/v1/analyze",
params={"domain": "example.com"},
headers={"Authorization": f"Bearer {os.environ['ZT_KEY']}"},
)
data = res.json() { "domain": "example.com", "trust_score": 82, "risk_level": "low", "recommended_action": "approve", "confidence": 0.78, "insights": [ /* 2 items */ ]} 5
Signals
DNS, HTTPS, pages, contact, security
1 score
Verdict
Risk · action · confidence — explainable
ms-class
Latency
Cold ≤ 2s · warm cached at the edge
Watch the analyze pipeline collect deterministic signals, then resolve to a trust score and a recommended action you can ship into onboarding.
DNS over HTTPS for A, AAAA, MX. We confirm the domain is alive and that mail infrastructure exists before anything else.
We try HTTPS first, fall back to HTTP, and follow at most one redirect with a strict timeout. Cross-domain hops to abuse TLDs are flagged.
Privacy, terms, contact, and about. Six shallow probes, never recursive, never deeper than one click.
Weighted rules and explainable insights — never a black box. You always see why.
The analyze pipeline collects deterministic signals, then resolves to a trust score and a recommended action.
DNS over HTTPS for A, AAAA, MX. We confirm the domain is alive and that mail infrastructure exists before anything else.
We try HTTPS first, fall back to HTTP, and follow at most one redirect with a strict timeout. Cross-domain hops to abuse TLDs are flagged.
Privacy, terms, contact, and about. Six shallow probes, never recursive, never deeper than one click.
Weighted rules and explainable insights — never a black box. You always see why.
ZygenTrust collects deterministic signals across DNS, HTTP, trust pages, contact, security, history, brand abuse, network reputation, and external threat intel — and turns them into an explainable score with evidence.
Resolves records via DNS over HTTPS. Verifies HTTPS, checks redirects. Identifies hosting provider, ASN, and network type.
Detects privacy, terms, contact, about, pricing, testimonials, and business category — plus lead quality scoring.
Checks domain age via RDAP, certificate history via crt.sh, Wayback availability. Detects punycode, typosquat, and suspicious keyword patterns.
Every score comes with an evidence summary, top positive/risk signals, data sources used, confidence explanation, and a recommended action.
One call. Predictable JSON. Made to slot into onboarding, lead scoring, and merchant pre-screening pipelines.
Block obvious junk signups before they hit your trial pipeline.
Quickly triage new vendor applications by domain trust.
Add a deterministic trust signal next to your firmographic data.
Skip prospects whose websites lack the trust signals to support a deal.
50 checks / month
For testing the API and validating basic trust signals.
2,500 checks / month
For early onboarding workflows moving beyond free validation.
25,000 checks / month
For teams automating merchant, seller, or lead review.
100,000 checks / month
For platforms screening domains at higher volume during private beta.
The last three things we shipped. Each line is one decision the team made — what changed, why, and where to read more.
Engineered for production
Edge-cached worldwide: ms-class warm latency. Postgres-grade durability: ACID transactions. Schema-validated end-to-end: Zod-backed contracts. TS-strict by default: no any, no escape hatches. Deterministic by design: no AI in scoring. Explainable, not magic: every score has evidence. Audit-ready logs: compliance-grade trail. Bot-defended at the edge: request-time verification.
The questions we hear before sign-up. If yours is not here, hit the waitlist with it — we will reply on the same thread.
No. ZygenTrust is lightweight pre-screening for business websites — domain risk, trust pages, contact signals, security headers, and business intent. It is not identity verification, sanctions screening, or document-based KYB. It pairs well with a full KYB stack but does not replace one.
Link to this answerDeterministic, weighted rules across DNS, HTTP, trust pages, contact, and security. No AI in the scoring path. Every score ships with a confidence value, evidence, and template insights so you can audit why a domain landed where it did. Full weights live in the public scoring rules document.
Link to this answerYes, on Growth and Pro. Default cache TTL is 24 hours for every plan. Growth can pass a per-request TTL from 1 to 72 hours, and Pro extends that to 168 hours. Cached responses still consume one quota check so billing stays predictable.
Link to this answerThe API is built on an edge runtime with KV cache, so warm latency stays in the millisecond class regardless of volume. Per-key monthly quotas enforce billing, and per-IP rate limits are layered in for abuse defense. If you expect more than 100,000 checks a month, talk to us before signing up so we can scope the right plan.
Link to this answerZygenTrust is GDPR-aligned in how it handles data. A Data Processing Addendum is available on request — see the DPA page. Note that ZygenTrust intentionally does not store extracted contact details (no email or phone harvesting), so the DPA scope is narrow by design.
Link to this answerNot in the MVP. The API is delivered as a managed edge service. If you have a hard regulatory reason for self-hosting, mention it on the waitlist and we will keep your details for a future evaluation when an enterprise tier ships.
Link to this answerThe API returns 429 with the QUOTA_EXCEEDED error code. Response headers include X-RateLimit-Limit, X-RateLimit-Remaining, and X-RateLimit-Reset (epoch seconds for the next monthly reset). Cached responses still consume quota — that is a deliberate billing decision so you do not get surprised by burst caching.
Link to this answerYes. The product roadmap, frontend roadmap, and backend roadmap are all checked into the repo and updated session by session. The shared memory file logs every meaningful change with dated audit entries. Pricing, scoring rules, and the API design document are public too.
Link to this answerSelf-serve for Free and Starter plans. No black box, no surprise pricing wall, no "contact sales" gate before you can see the API in action.
Step 1
Sign up with email and password or Google. Confirm your inbox if email signup. No card required, no sales call, no waitlist for the Free plan.
Step 2
Open the dashboard and create a test key. The secret is shown once and starts with zt_test_. Free includes 50 checks per month with no overage charges.
Step 3
One GET request returns a deterministic trust score, risk level, recommended action, confidence, signals, and explainable insights. No SDK to install. No webhook to configure for the first call.
Growth and Pro plans are issued manually for now — tell us what you are building and we will reply within two business days. ZygenTrust is currently on a preview domain; a custom domain and public status page roll out together with the first paid plans.
Create an account, generate a test key from the dashboard, and call /v1/analyze with a real domain. No card, no sales call.
Need a higher plan or batch access? Talk to the team →
Be the first to use ZygenTrust in production. We will email you when API keys are available for your plan.