Skip to main content

Domain Intel

Look up domains extracted from inputs and content sent to your app. Gain insight as to whether they’re associated with bad actors.

Developer Resources

Integrate Domain Intel with Auth0
Case Study with SiteMana
Are Reddit post links malicious?

Quick View

What it doesRetrieves intelligence data for submitted domains
Supported Languages
Capabilities
  • Look up the reputation score of a domain
  • Retrieve a detailed intelligence report for a domain
Supported Providers

About

The Domain Intel service allows you to retrieve intelligence about known domain names. Through a combination of providers, you gain access to the disposition of over 390 million domain addresses.

Benefits of using Domain Intel service

Pangea serves intelligence data from third-party providers, normalizing responses, to help you quickly identify malicious domains. All of this happens through a unified API and SDK - with no contracts or direct integrations to the provider required.

For example, if you set DomainTools as the provider, you’ll receive a standard score that can be easily interpreted in the API response. Armed with this information, you might choose to immediately block or investigate a domain in your environment.

Use Cases

The Domain Intel API can be embedded directly into your application to determine if a domain is known to be malicious. Common use cases include:

  • Detecting malicious domains in forum posts, blogs, chat sessions, social applications, or any other type of user generated content.
  • Blocking a user signing up for your app with an email that has a malicious domain in it.
  • Checking domain names extracted from files stored in the Pangea Secure Share.
  • Checking domain names extracted from suspicious files that have been either statically or dynamically analyzed (i.e. sandbox detonation or runtime behavior analysis).
  • Checking the address of incoming emails to detect and block Business Email Compromise, Phishing, and SPAM email campaigns. This may include one or more of the following, for example:
    • The From Address (e.g. info@pangea.cloud)
    • The Return-Path Domain (e.g. bounces@pangea.cloud)
    • The DomainKeys Identified Mail (DKIM) Signing Domain
    • Any other links, headers, content, and brand assets included in the message

Was this article helpful?

Contact us