Skip to main content


Read about the basics of Domain Intel

Quick View

What it doesRetrieves intelligence data for submitted domains
Supported Languages
  • Look up the reputation score of a domain
  • Retrieve a detailed intelligence report for a domain
Supported Providers

What is the Domain Intel service?

The Domain Intel service allows you to retrieve intelligence about known domain names. Through a combination of providers, you gain access to the disposition of over 390 million domain addresses.

Why use the Domain Intel service?

Pangea serves intelligence data from third party providers, normalizing responses, to help you quickly identify malicious domains. All of this happens through a unified API and SDK - with no contracts or direct integrations to the provider required.

For example, if you set DomainTools as the provider, you’ll receive a standard score that can be easily interpreted in the API response. Armed with this information, you might choose to immediately block or investigate a domain in your environment.

Use Cases

The Domain Intel API can be embedded directly into your application to determine if a domain is known to be malicious. Common use cases include:

  • Detecting malicious domains in forum posts, blogs, chat sessions, social applications, or any other type of user generated content.
  • Blocking a user signing up for your app with an email that has a malicious domain in it.
  • Checking domain names extracted from files stored in the Pangea Secure Object Store.
  • Checking domain names extracted from suspicious files that have been either statically or dynamically analyzed (i.e. sandbox detonation or runtime behavior analysis).
  • Checking the address of incoming emails to detect and block Business Email Compromise, Phishing, and SPAM email campaigns. This may include one or more of the following, for example:
    • The From Address (e.g.
    • The Return-Path Domain (e.g.
    • The DKIM Signing Domain
    • Any other links, headers, content, and brand assets included in the message

Was this article helpful?

Contact us