cloudtracer / ThreatPinchLookup

Documentation and Sharing Repository for ThreatPinch Lookup Chrome & Firefox Extension
https://chrome.google.com/webstore/detail/threatpinch-lookup/ljdgplocfnmnofbhpkjclbefmjoikgke

bulklookup.threatpinch.com won't resolve #68

Closed katecounter closed 6 years ago

katecounter commented 6 years ago

Trying to access bulklookup.threatpinch.com & am getting a message that the host couldn't be resolved by DNS.

cloudtracer commented 6 years ago

Hi @katecounter,

bulklookup.threatpinch.com was really only intended to be a placeholder for future functionality. If you're using the CouchDB sync, this is what will appear in the trigger field for the saved requests.

Otherwise there are filtering rules you can use to selectively perform lookups based on the domain of the website you are on. So say you had all your internal websites/dashboards on *.mycompanytld.com, you could limit your internal asset lookups to only be performed when you are on your local intranet sites. Or, in the case you are some kind of MSSP, different dashboards might be for different domains and you'd want your lookups to query the appropriate internal asset DBs. There is more information regarding this functionality in the wiki.

The bulklookup.threatpinch.com was just a placeholder till the bulk lookups also had this filtering capability. I'll see about enabling the field for custom use in the next release or two.

cloudtracer commented 6 years ago

Also worth noting that all the out-of-the-box integrations use the INTERNET request group, while the INTRANET request group was really designed for people to use with their internal asset portals. It's configurable too, so if you wanted to add your public IP address space to the INTRANET request groups you could do that too, but by default it's only the RFC1918 address space, and RFC1918 addresses are disabled from the internet requests.

There are only a few people using the request groups like this as far as I know, and they are all managed security providers that needed the ability to send lookup requests to different APIs depending on what website/portal they were on.
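
Added example, not part of the thread and not ThreatPinch's own code: a sketch of the routing the comments above describe, where RFC1918 (or other configured) addresses go only to the INTRANET group and only while the analyst is on a site matching a domain filter such as `*.mycompanytld.com`. The function names, the config shape and the sample values are assumptions made for illustration.

```javascript
// Added illustration; not ThreatPinch code. All names below are hypothetical.
const RFC1918 = ["10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16"];

// Constructed sample config: default intranet ranges plus one site filter.
const SAMPLE_CFG = { intranetCidrs: RFC1918, intranetSites: ["*.mycompanytld.com"] };

// Dotted-quad IPv4 -> unsigned integer, or null when the string is not IPv4.
function ipv4ToInt(ip) {
  const parts = String(ip).split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p) || Number(p) > 255) return null;
    n = n * 256 + Number(p);
  }
  return n;
}

// True when ip lies inside cidr. Plain arithmetic avoids 32-bit sign issues.
function inCidr(ip, cidr) {
  const [base, bits] = cidr.split("/");
  const ipN = ipv4ToInt(ip);
  const baseN = ipv4ToInt(base);
  if (ipN === null || baseN === null) return false;
  const size = 2 ** (32 - Number(bits));
  return Math.floor(ipN / size) === Math.floor(baseN / size);
}

// "*.mycompanytld.com" matches subdomains only. Keeping the leading dot in the
// suffix stops look-alike hosts such as "evilmycompanytld.com" from matching.
function hostMatches(host, pattern) {
  const h = host.toLowerCase();
  const p = pattern.toLowerCase();
  return p.startsWith("*.") ? h.endsWith(p.slice(1)) : h === p;
}

// Returns "INTRANET", "INTERNET", or null (perform no lookup at all).
function selectRequestGroup(indicator, pageUrl, cfg) {
  const host = new URL(pageUrl).hostname;
  const internal = cfg.intranetCidrs.some((c) => inCidr(indicator, c));
  if (!internal) return "INTERNET"; // public IPs, domains, hashes, ...
  // Internal addresses never reach internet integrations; they are looked up
  // only while the analyst is on a site covered by the intranet filter.
  return cfg.intranetSites.some((p) => hostMatches(host, p)) ? "INTRANET" : null;
}
```

Returning `null` for an internal address seen on an unlisted site keeps internal asset details from being sent to any third-party lookup service.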