Products APIs Data Feeds Web Tools Domain Research & Monitoring Enterprise Packages AI Deep Research
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

Research
Monitoring
White-Label
Predictive Threat Intelligence Feeds
Predictive Threat Intelligence Feeds

Predictive threat intelligence is your best first line of defense. Subscribe to the feeds to strengthen your cybersecurity posture. Contact us today for more information.

WhoisXML API Internet Infrastructure
Internet Infrastructure

Unlock integrated intelligence on Internet properties and their ownership, infrastructure, and other attributes.

Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

MCP Server
MCP Server

Talk to our APIs using LLMs. Connect your preferred LLM to WhoisXML API and simply chat about WHOIS, DNS, threat intelligence, and more.

Jake AI
Jake AI

I’m your Domain Intelligence Assistant. I make it easy to explore WHOIS, DNS, and threat data from WhoisXML API — I’m cloud-based, fast, and always ready to help.

Discover what you really pay for when buying commercial Internet intelligence data.

Download now
×
Contact Us

WhoisXML API Blog

follow us in feedly
All posts Product launches and updates Partnerships Domain activity highlights CyberSec Navigator For developers Product blogs

August 2025: Domain Activity Highlights

WhoisXML API analyzed 8.5+ million domains registered between 1 and 31 August 2025 to identify the most popular registrars, top-level domain (TLD) extensions, and other global domain registration trends.

We also determined the top TLD extensions used by 45.1+ billion domains from our DNS database’s A record full file dated 7 August 2025.

Next, we studied the top TLDs of 1.0+ million domains detected as indicators of compromise (IoCs) this August.

Finally, we summed up our findings and provided links to the threat reports produced using DNS and domain intelligence sources during the period.

Continue reading

Wildcard Subdomains and Their Effect on Attack Surface Mapping

Everything has its pros and cons. For web administrators, wildcard subdomains help simplify domain management and dealing with multisite applications. For cybersecurity professionals, they are a source of regular headaches. They can make an organization’s attack surface look much bigger (or smaller) than it actually is. 

In this post, we look at wildcard subdomains from the security perspective: how they affect attack surface mapping, why it happens, and how you can see through the noise.

Continue reading

Best Subdomain Enumeration Tools and Techniques

The task of enumerating the subdomains of a domain, while it may appear simple at first glance, is in fact quite complicated. There is no one technique that can find every subdomain, and different tools produce different results because they rely on different sets of techniques.

In this post, we discuss the techniques that can be used for subdomain enumeration and some of the best tools that use these techniques with varying degrees of success.

Continue reading

WhoisXML API Launches the TLD RDAP Monitor

WhoisXML API is proud to announce the launch of the TLD RDAP Monitor, an intuitive dashboard that constantly monitors the range of adoption of the Registration Data Access Protocol (RDAP) across 1,440 top-level domains (TLDs).

The TLD RDAP Monitor answers a critical need within the domain data ecosystem. As the industry transitions to RDAP, TLD registries have implemented the new protocol with varying degrees of progress, with some slower than others. This lack of uniformity can lead to data retrieval errors and application failures for those who rely on domain data access for their products and services.

Continue reading

WhoisXML API Ranked in the 2025 Inc. 5000 Fastest-Growing Companies in America

WhoisXML API is proud to be named among the 2025 Inc. 5000 fastest-growing private companies in America, ranking 119th in the regionals and 4,271st overall. To qualify for the ranking, companies must be independent and meet strict requirements over the three-year period from 2021 to 2024.

“It is a great honor to be on the Inc. 5000 for the eighth year now. The credit belongs to every single person who has contributed to our continued ability to provide high-fidelity cyber intelligence that enables thousands of customers to enrich cyber solutions and workflows,” says WhoisXML API CEO Jonathan Zhang.

Continue reading

How Threat Intelligence Supports Better Vulnerability Management

Traditional vulnerability management programs rely on a vast database of vulnerabilities. As of early September 2025, the National Vulnerability Database (NVD) contains more than 307,000 Common Vulnerabilities and Exposures (CVEs), 10% of which — over 30,000 — were added in 2025. This may sound scary and impossible to deal with, but the truth is that these CVEs do not reflect real-world threats because not all of them are easy to exploit. 

What security teams need to prioritize are vulnerabilities that are most likely to be exploited or are already actively exploited in the wild by threat actors targeting their specific industry. Doing this requires using threat intelligence. It helps organizations move beyond a reactive approach to vulnerability management and shifts the focus from “What assets are vulnerable?” to “What vulnerabilities are more likely to be exploited?”

Continue reading

Domain Name Protection vs. Domain Name Privacy: What’s the Difference?

An organization’s domain name is one of its most valuable digital assets, so the desire to secure it is only natural. However, the terms used to describe these security measures—domain name protection and domain name privacy—are often used interchangeably, which can lead to confusion.

While both aim to protect, there are distinct differences, which we discuss in greater detail in this post. Please refer to the table below for the TL;DR version.

Continue reading
WhoisXML API Participates in Black Hat USA 2025

WhoisXML API Participates in Black Hat USA 2025

WhoisXML API representatives led by Alex Ronquillo, Vice President, and Ed Gibbs, VP of Research and Development, joined more than 20,000 attendees at Black Hat USA 2025, which took place on 2–7 August 2025, at the Mandalay Bay Convention Center in Las Vegas.

The keynotes, briefings, and different sessions provided a comprehensive look at the current state of cybersecurity, with recurring themes shaping the industry. In this blog post, we’ll recap five of the most prominent themes from Black Hat.

Continue reading
follow us in feedly
Try our WhoisXML API for free
Get started