$ man domain-threat-report
/domain-threat-report
PRICE / CALL
$0.08
USDC · base mainnet · scheme: exact
──────────────────────────────────────────────────────────────────────────────
NAME
domain-threat-report — domain threat report api for a security investigation on any domain: is this a phishing domain, a lookalike squat, or a legitimate regist…
SYNOPSIS
POST https://x402.agentutility.ai/domain-threat-report
Content-Type: application/json
X-PAYMENT: <signed-transferWithAuthorization>
{ ... }↳ first call → 402 Payment Required. Sign USDCtransferWithAuthorization, retry with theX-PAYMENT header.
DESCRIPTION
Domain threat report API for a security investigation on any domain: is this a phishing domain, a lookalike squat, or a legitimate registration? Covers WHOIS/RDAP registration age, DNS records, TLS certificate posture, DMARC/SPF/DKIM email authentication, certificate-transparency subdomain enumeration, IP/ASN hosting attribution, and homoglyph lookalike detection on the domain string. Composite: one call runs whois-lookup + dns-lookup + ssl-cert-info + dmarc-check + subdomain-enum + homoglyph-check + ip-asn in parallel (ip-asn needs a resolved A record and is skipped otherwise) into {registration, dns, tls, email_auth, subdomains, ip_intelligence, lookalike_check}. Use it as a phishing check API, domain security audit, or brand-impersonation detector.
INPUT — request schema
| property | type | description | req? |
|---|
| domain | string | Domain to investigate, e.g. 'example.com'. Max 253 chars; bare hostnames only (scheme/path are stripped if present). | required |
OUTPUT — response shape
| field | type | description |
|---|
| domain | string | — |
| registration | string | — |
| dns | string | — |
| tls | string | — |
| email_auth | string | — |
| subdomains | string | — |
| ip_intelligence | string | — |
| lookalike_check | string | — |
| composed_of | string | — |
| components | string | — |
| degraded | string | — |
EXAMPLES — two ways to call
EXAMPLE 1 · curl
curl -X POST https://x402.agentutility.ai/domain-threat-report \
-H 'Content-Type: application/json' \
-d '{ }'first response = 402 Payment Required with payment requirements; sign + retry with X-PAYMENT.
EXAMPLE 2 · mcp
# Install the MCP package for this endpoint's cluster
npx -y @agentutility/mcp-<cluster>
# Required: EVM private key with USDC on Base
export X402_PRIVATE_KEY=0x...
# Then call the domain-threat-report tool from your MCP-aware agent.
MCP server handles payment automatically — your coding agent just calls the tool by name.
METADATA
- tags
- composedomainthreatreportdomain-threat-report
- methods
- POST
- cluster
- compose
- price
- $0.08 USDC per call
ADJACENT — other endpoints in compose
| endpoint | description | price |
|---|
| agent-prelaunch-audit | Ship-readiness check before you push an AI app live: agent due diligence and prelaunch audit in one call instead of six. | $0.08 |
| company-intel-pack | Company research bundle for B2B enrichment agents: firmographic profile, domain intelligence, WHOIS registration, TLS posture, tech stack… | $0.08 |
| country-risk-monitor | Re-runnable country monitor: recency-scoped web search headlines, any live Polymarket prediction markets referencing the country (data-on… | $0.08 |
| cyber-exposure-brief | External exposure summary for a domain: DNS records, the hosting network/ASN behind the resolved IP, TLS certificate posture, and a web s… | $0.08 |
| esg-company-scan | Summary of a company's publicly reported ESG posture: a web search scoped to sustainability/emissions/labor/governance coverage plus a st… | $0.08 |
| image-asset-pipeline | Turns a text prompt into a production-ready image asset in one call: generate, sharpen, cut out the background. | $0.08 |
| meeting-brief | Turns a meeting or call recording into speaker-labeled notes and a summary in one call. | $0.08 |
| patent-landscape-brief | Approximate patent/prior-art landscape for a topic, built from published technical prior art rather than a patent-office filing search: a… | $0.08 |