Actionable Threat Intelligence
Gain real-time visibility into IP addresses engaged in spoofing attempts across your domain landscape. Instantly identify malicious sources and stay ahead of evolving threats.
Spoofing IP Detection
Retrieve data pulled from our 100k+ domain directory on IP addresses that attempted to spoof and carry out phishing attacks on domains.
Real-Time & Historical Visibility
Gain real-time and historical visibility into email threats.
Actionable Threat Intelligence
Enhance response capabilities with enriched threat intelligence.
Step 2: Receive API Token
You’ll be provided with a secure bearer token for authenticated requests.
Step 3: Start Using the API
Begin retrieving spoofing IP data and enhance your security visibility.
Our Threat Intelligence API is made for:
Organizations &
MSPs
To protect themselves and their clients from phishing and cyber attacks
Security Analysts & Researchers
To investigate spoofing trends and understand attacker behavior.
Threat Intelligence Platforms
To enrich datasets with verified spoofing indicators.
Enterprise Security Teams
To actively defend against targeted email-based attacks.
Using the DMARC Threat Intel Feed API is simple! Just send a request with your desired date range, and get detailed information on spoofing attempts spotted on your domains.
Endpoint:
GET /api/v1/ipinfo/spoofing-ips
Example Request
GET /api/v1/ipinfo/spoofing-ips
Authorization: Bearer YOUR_API_TOKEN
Content-Type: application/json
{
“start_date”: “2024-09-22”,
“end_date”: “2024-09-23”,
“perPage”: 10,
“page”: 1
}
Sample Response
{
“data”: [
{
“ipv4”: “141.98.10.33”,
“observations”: [
{
“date”: “23-09-2024”,
“time”: “N/A”,
“category”: “Spoofing”,
“data_source”: “DMARC Aggregate Reports”,
“count”: 111
},
{
“date”: “22-09-2024”,
“time”: “11:01:20”,
“category”: “Spoofing”,
“data_source”: “DMARC Forensic Reports”,
“count”: 22
}
]
}
]
}