Domain Reputation
Almost every connection made on the internet involves a domain name: DNS and domain names are a fundamental piece of internet architecture. Our thorough analysis of a domain's use, behavior and activity builds a unique in-depth picture of that domain. This context and insight is invaluable when looking at domain names in a security or reputational context.Check a domain's reputation
What is domain reputation?
The reputation of a domain captures the who, what, where and when of the domain.
All these rich datapoints are used to indicate if, when, and how to engage with the domain.
Learn moreHow is the Domain Reputation Score calculated?
To assess the reputation of a domain, Spamhaus uses both signal intelligence (SIGINT) and open source intelligence (OSINT) techniques. These include a combination of machine learning, heuristics, and manual investigations.
To ensure the accuracy and reliability of domain reputation, Spamhaus relies on a diverse range of data points from various sources. Over the past 25 years, Spamhaus has built trusted data partnerships that enabling access to important data for visibility and coverage. As a result, the reputation data generated is robust, reliable, and widely trusted in the industry.
What impacts a domain's reputation?
Any online activity that is associated with a domain leaves a "fingerprint* from which signal can be extracted to determine the reputation of the domain.
- Who owns it
- Where was it registered
- When it was registered
- Who is the registry
- When was it used
- What infrastructure is it associated with
- How was it used
Researchers like Spamhaus use this signal to determine how safe a domain is to engage with. It’s important for Internet users to understand that all online behavior affects domain reputation.
How can domain reputation data be utilized?
- Reporting - e.g. can I trust this operator to host my domain?
- Investigating - e.g. what malware is associated with this domain
- Vetting - e.g. can I trust this domain on my network?
- Blocking - e.g. blocking users from visiting phishing websites.
- Filtering - e.g. filtering potentially malicious