The Domain Intelligence API provides comprehensive domain analysis:
- Blacklist Checks: Spam and phishing domain databases
- Malware Detection: Real-time threat intelligence
- Email Security: MX records, SPF, DMARC analysis
- Domain Analysis: Age verification, parking detection, DNS provider
Endpoint
GET https://api.requestguard.com/v1/domain/intelligence
Parameters
| Parameter | Type | Required | Description |
|---|
domain | string | Yes | The domain name to analyze |
Response
{
"success": true,
"data": {
"domain": "example.com",
"threatLevel": "low",
"threatScore": 5,
"riskFactors": [
"no_dmarc_record",
"dnssec_disabled"
],
"blacklists": [
{
"name": "Spamhaus DBL",
"zone": "dbl.spamhaus.org",
"listed": false,
"category": "spam"
},
{
"name": "SURBL",
"zone": "multi.surbl.org",
"listed": false,
"category": "spam"
}
],
"blacklistCount": 0,
"isMalware": false,
"isParked": false,
"isNewDomain": false,
"domainAgeDays": 10227,
"emailProvider": "Google Workspace",
"hasMX": true,
"hasSPF": true,
"hasDMARC": false,
"dnsProvider": "Cloudflare",
"nameservers": [
"ns1.cloudflare.com",
"ns2.cloudflare.com"
],
"dnssecEnabled": false,
"registrar": "MarkMonitor Inc.",
"registrationDate": "1997-09-15T04:00:00Z",
"expirationDate": "2028-09-14T04:00:00Z",
"_meta": {
"queriedAt": "2024-12-01T12:00:00.000Z",
"responseTime": 456
}
}
}
Response Fields
Threat Classification
| Field | Type | Description |
|---|
threatLevel | string | Overall threat level: low, medium, high, critical |
threatScore | number | Threat score (0-100) |
riskFactors | array | List of identified risk factors |
Blacklist Results
| Field | Type | Description |
|---|
blacklists | array | Individual DNSBL check results |
blacklistCount | number | Number of blacklists where domain is listed |
Malware Detection
| Field | Type | Description |
|---|
isMalware | boolean | Domain blocked by Quad9 threat intelligence |
malwareSource | string | Source of malware detection (if detected) |
Domain Classification
| Field | Type | Description |
|---|
isParked | boolean | Domain appears to be parked |
isNewDomain | boolean | Domain registered within last 30 days |
domainAgeDays | number | Domain age in days |
Email Configuration
| Field | Type | Description |
|---|
emailProvider | string | Detected email provider (Gmail, Microsoft 365, etc.) |
hasMX | boolean | Domain has MX records |
hasSPF | boolean | Domain has SPF record |
hasDMARC | boolean | Domain has DMARC record |
DNS Configuration
| Field | Type | Description |
|---|
dnsProvider | string | Detected DNS provider (Cloudflare, Route 53, etc.) |
nameservers | array | Authoritative nameservers |
dnssecEnabled | boolean | DNSSEC is enabled |
Registration Info
| Field | Type | Description |
|---|
registrar | string | Domain registrar name |
registrationDate | string | Domain registration date (ISO 8601) |
expirationDate | string | Domain expiration date (ISO 8601) |
Threat Scoring
| Score Range | Level | Description |
|---|
| 0-39 | Low | Legitimate domain, minor configuration issues |
| 40-59 | Medium | Some risk factors present |
| 60-79 | High | Multiple risk factors or blacklist hits |
| 80-100 | Critical | Malware detected or heavily blacklisted |
Score Factors
| Factor | Points |
|---|
| Malware detected | +50 |
| Each blacklist hit | +25 |
| Newly registered (<30 days) | +15 |
| Parked domain | +10 |
| No MX records | +5 |
| No SPF record | +3 |
| No DMARC record | +2 |
Example Requests
Basic Intelligence Check
curl "https://api.requestguard.com/v1/domain/intelligence?domain=example.com"
Check Suspicious Domain
curl "https://api.requestguard.com/v1/domain/intelligence?domain=suspicious-domain.xyz"
Example Response (Suspicious Domain)
{
"success": true,
"data": {
"domain": "phishing-site.xyz",
"threatLevel": "critical",
"threatScore": 90,
"riskFactors": [
"malware_detected",
"blacklisted_2_lists",
"newly_registered_domain",
"no_spf_record",
"no_dmarc_record",
"dnssec_disabled"
],
"blacklists": [
{
"name": "Spamhaus DBL",
"zone": "dbl.spamhaus.org",
"listed": true,
"category": "spam"
},
{
"name": "Spamhaus ZRD",
"zone": "zrd.spamhaus.org",
"listed": true,
"category": "newly_registered"
}
],
"blacklistCount": 2,
"isMalware": true,
"isParked": false,
"isNewDomain": true,
"domainAgeDays": 5,
"hasMX": false,
"hasSPF": false,
"hasDMARC": false,
"nameservers": [
"ns1.cheap-hosting.com",
"ns2.cheap-hosting.com"
],
"dnssecEnabled": false,
"_meta": {
"queriedAt": "2024-12-01T12:00:00.000Z",
"responseTime": 523
}
}
}
Error Responses
Missing Parameter
{
"success": false,
"error": {
"code": "MISSING_PARAMETER",
"message": "Missing required parameter: domain"
}
}
Invalid Domain
{
"success": false,
"error": {
"code": "INVALID_DOMAIN",
"message": "Invalid domain format"
}
}
Rate Limits
| Plan | Requests per minute |
|---|
| Free | 10 |
| Pro | 100 |
| Enterprise | Unlimited |
Use Cases
- Phishing Detection: Check links before clicking
- Email Security: Verify sender domains
- Brand Protection: Monitor lookalike domains
- Vendor Assessment: Evaluate third-party domain security
- URL Filtering: Block malicious domains
- Fraud Prevention: Detect suspicious domains in transactions
- Domain Purchasing: Check domain reputation before buying
