Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.
Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.
Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.
Access our web-based solution to dig into and monitor all domain events of interest.
Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.
Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.
Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.
Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.
Carry a complete threat intelligence analysis for a given domain or IP address and get access to a report covering 120+ parameters including IP resolutions, website analysis, SSL vulnerabilities, malware detection, domain ownership, mail servers, name servers, and more.
Gather threat intelligence via API calls covering Domain’s Infrastructure analysis, SSL Certificates Chain, SSL Configuration Analysis, Domain Malware Check, Connected Domains, and Domain Reputation Scoring.
Bolster enterprise security with our feeds covering Typosquatting domains, Disposable domains, Phishing URLs, Domain & IP reputation, Malicious URLs, Botnet C&C, and DDoS URLs.
We offer comprehensive services for the integration of our data – from consultations to the precise definition of the basic needs of the business to increase the work efficiency.
Set up and manage public WHOIS servers for your business. Our WHOIS parsing system is a utility that collects extensive information about any given domain by sending series of DNS and WHOIS queries. The report is generated in raw as well as in parsed format.
Regardless of whether you are a startup, a small business or a global one, our team is always ready to help you. Enterprises operating on a scale can also choose special premium support management with high priority 24/7 email and telephone responses and other professional services.
Get customized reports on TLDs covering datasets falling under domain name, WHOIS and DNS category.
Apply for access to our seven threat intelligence sources designed to facilitate the detection and investigation of emerging threats and gather insights on your and third parties’ security posture.
Detect typosquatting domain names right when they are registered. Our typosquatting domain intelligence covers copycats, misspellings, and other suspicious domain variants that could serve to impersonate big brands or abuse their trademarks. Our feed is structured to flag new lookalike domains on the day after they appear on the DNS and where similarity could be deceptive.
Access lists of disposable domains provided by more than 2,000+ temporary email services. Disposable email addresses may figure in abusive registrations and spam or phishing communications.
Know all confirmed phishing[1] URLs to better prevent credential and identify theft. Armed with that know-how, you can keep employees and all network users safe from accessing sites and pages that can put them and your company in harm’s way.
[1] Phishing is a cybercrime technique where an attacker uses digital means of communication, such as emails or social media posts, to fool victims into revealing sensitive or confidential credentials.
Check the reputation and risks associated with any domain or IP address. Our reputation data feed covers 120+ parameters that include host and server responses, configurations, and other potential issues; notable domain registration events; Secure Sockets Layer (SSL) certificate validity and possible vulnerabilities; malware database checks; and more.
Get a list of website URLs that are known hosts of malicious files or redirect to dangerous pages. Some of them may even be rigged to drop harmful executable files on visitors’ systems.
Botnets gather user data and distribute commands through common-and-control (C&C) servers. Obtaining a list of all known C&C URLs is one way to prevent unauthorized network access from remote users.
We provide URLs that may be part of an ongoing distributed denial-of-service (DDoS) attack[2] as well as their botnet controller locations and decoded commands used for attacks.
[2] A DDoS attack utilizes a massive flow of non-human/bot traffic generated to disrupt a web server's normal operations until it crashes. DDoS attacks lead to business downtime and revenue loss.
Taking a more proactive stance on preventing crime, theft, and fraud is possible with robust threat intelligence sources. Contact us if you are interested to apply for access to Threat Intelligence Data Feeds.
Our threat data is available in the form of a series of enterprise-grade APIs designed for scalability and cover domain infrastructure analysis, SSL certificate chains and configuration, domain malware check, and more.
We are here to listen. For a quick response, please select your request type or check our Contact us page for more information. By submitting a request, you agree to our Terms of Service and Privacy Policy.
WhoisXML API uses cookies to provide you with the best user experience on our website. They also help us understand how our site is being used. Find out more here. By continuing to use our site you consent to the use of cookies.