Blog & How To Guides | WhoisXML API
Products APIs Data Feeds Web Tools Domain Research & Monitoring Enterprise Packages
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

Research
Monitoring
White-Label
WhoisXML API Predictive Threat Intelligence
Predictive Threat Intelligence

Detect and block access to and from dangerous domain names before malicious actors can weaponize them. Contact us today for more information.

WhoisXML API Internet Infrastructure
Internet Infrastructure

Unlock integrated intelligence on Internet properties and their ownership, infrastructure, and other attributes.

Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

Multi-Level API User Administration Now Available - Manage individual API keys for team members in your organization.

Learn More
×
Contact Us

WhoisXML API Blog

follow us in feedly
All posts Product launches and updates Partnerships Domain activity highlights CyberSec Navigator For developers Product blogs

Access Our Premium DNS Database with the Largest, Most Unique DNS Coverage in the Market

WhoisXML API recently launched Premium DNS Database, a passive DNS database download variant with expanded coverage that is now expected to be the largest on the market with the highest number of unique fully qualified domain names (FQDNs).

This significant improvement is part of our ongoing efforts to help make the Internet safer and more transparent. With our Premium DNS Database, enterprises can gain an even more comprehensive view of the DNS, where ongoing Internet activities are recorded as they occur at a massive scale.

Continue reading

Widen Your Threat Visibility with Our New Threat Intelligence Data Feeds (TIDF)

In line with our mission of making the Internet safer, WhoisXML API recently launched a new Threat Intelligence Data Feeds (TIDF) offering with the goals of complementing existing security intelligence and systems, widening threat visibility, and accelerating threat response.

“Our Threat Intelligence Data Feeds help achieve superior coverage of known bad web assets. The current cybercrime climate demands extensive threat intelligence to detect malicious events and categorize them into threat types while enabling organizations to act quickly,” says Jonathan Zhang, CEO of WhoisXML API.

Continue reading

April 2023: New Domain Activity Highlights

Of the millions of domains registered during 1–30 April 2023, WhoisXML API researchers studied a randomized sample of 29,000 domains to determine commonalities in their registrant country, registrar, and TLD. Our analysis also included looking into the domain registration volume for the riskiest or most-abused TLDs.

Additionally, the researchers examined domain text string usage to uncover potentially emerging trends. This study’s findings and links to threat reports developed using DNS, IP, and domain intelligence sources are summarized below.

Continue reading

Predictive Threat Intelligence: Introducing the New Early DGA Detection Feed

The current cyber threat landscape leaves security teams with no option but to be proactive and continuously aim to stay one step ahead of threat actors. To supplement existing threat intelligence feeds that keep track of known bad properties, WhoisXML API recently launched the Early DGA Detection Feed. This predictive threat intelligence source tracks new domains created algorithmically, leveraging a combination of Machine Learning and Artificial Intelligence, typically identifying pre-weaponizationed domains as they get registered.

Continue reading

March 2023: New Domain Activity Highlights

Of the millions of domains registered during 1–31 March 2023, WhoisXML API researchers studied a randomized sample of 31,000 domains to determine commonalities in their registrant countries, registrars, and TLDs. Part of our analysis also included looking into the domain registration volume for the riskiest or most-abused TLDs.

We also analyzed domain text string usage to detect potentially emerging trends. Check out our findings below and links to the threat reports our researchers put together using our domain, DNS, and IP intelligence sources.

Continue reading

Top 24 Domain, IP, and DNS Intelligence Trends and Cybersecurity Statistics for 2022–2023

Aggregated domain and DNS data is a rich source of intelligence, providing security researchers, companies, and solutions with contextual information for multiple business and cyber processes, including threat detection and response, attack surface management (ASM), third-party risk management, brand protection, and identity and access management (IAM).

Over the years, WhoisXML API has conducted several cyber investigations and collated some facts and statistics from our most recent work below.

Continue reading

February 2023: New Domain Activity Highlights

Of the millions of domains registered on 1–28 February 2023, WhoisXML API researchers analyzed a randomized sample of 28,000 domains to determine their top registrars, registrant countries, and TLD distribution. We also studied their text string usage to detect possible emerging trends. Check out our findings below, along with links to the threat reports our researchers put together using our domain, DNS, and IP intelligence sources.

Continue reading

WhoisXML API Is Now a Snowflake Partner

Internet data sharing and transparency have always been part of WhoisXML API’s advocacy. Our commitment to this goal has prompted us to develop collaborative relationships with various entities, including security companies and platforms, researchers, and media organizations.

Among our most recent endeavors relevant to that is joining the Snowflake Partner Network. This collaboration means that WhoisXML API’s comprehensive WHOIS, IP, and DNS intelligence can now be accessed through Snowflake.

Joint users can now have instant access to domains as they are added, updated, and dropped on a daily basis while enjoying the platform’s scalable, flexible, multi-cluster data architecture.

Continue reading
follow us in feedly
Try our WhoisXML API for free
Get started