Blog & How To Guides | WhoisXML API
Products APIs Data Feeds Web Tools Domain Research & Monitoring Enterprise Packages Cyber Threat Intelligence Services
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

Research
Monitoring
White-Label
Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

Premium API Services
Premium API Services

Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.

Threat Intelligence Analysis
Threat Intelligence Analysis

Carry a complete threat intelligence analysis for a given domain or IP address and get access to a report covering 120+ parameters including IP resolutions, website analysis, SSL vulnerabilities, malware detection, domain ownership, mail servers, name servers, and more.

Threat Intelligence APIs
Threat Intelligence APIs

Gather threat intelligence via API calls covering Domain’s Infrastructure analysis, SSL Certificates Chain, SSL Configuration Analysis, Domain Malware Check, Connected Domains, and Domain Reputation Scoring.

Threat Intelligence Data Feeds
Threat Intelligence Data Feeds

Bolster enterprise security with our feeds covering Typosquatting domains, Disposable domains, Phishing URLs, Domain & IP reputation, Malicious URLs, Botnet C&C, and DDoS URLs.

Custom development

We offer comprehensive services for the integration of our data – from consultations to the precise definition of the basic needs of the business to increase the work efficiency.

Registrar WHOIS Services

Set up and manage public WHOIS servers for your business. Our WHOIS parsing system is a utility that collects extensive information about any given domain by sending series of DNS and WHOIS queries. The report is generated in raw as well as in parsed format.

Support services

Regardless of whether you are a startup, a small business or a global one, our team is always ready to help you. Enterprises operating on a scale can also choose special premium support management with high priority 24/7 email and telephone responses and other professional services.

Internet Statistics Reports

Get customized reports on TLDs covering datasets falling under domain name, WHOIS and DNS category.

×
Contact Us

WhoisXML API Blog

follow us in feedly
DNS Hijacking Prevention: How to Detect Suspicious Subdomains with Passive DNS

DNS Hijacking Prevention: How to Detect Suspicious Subdomains with Passive DNS

Earlier this year, we saw several cyberattacks target European and Middle Eastern governments and other organizations. Their modus operandi? DNS hijacking. The attackers intercepted Internet traffic going to the victimized websites, likely enabling them to obtain unauthorized access to the intended targets’ networks.

That’s just one of the many occasions when organizations fell prey to DNS hijacking attacks. More can succumb to the threat if we’re to consider that 34% more companies in 2019 alone suffered from a DNS attack (not limited to DNS hijacking) compared to 2018, costing each victim an average of almost $1.1 million.

DNS hijacking notably occurs when hackers tamper with the Domain Name System (DNS) to redirect a target website’s visitors to fake login pages designed to capture their passwords and other information they may unknowingly fill in.

But to what extent can DNS hijacking affect organizations with a widespread online presence?

This post aims to answer this question by looking into eBay’s potential domain attack surface and the numerous subdomains that contain its brand aided by passive DNS and publicly accessible data.

Continue reading

Step-by-Step Guide to Getting Started with NRD 1.0

Domain intelligence gleaned from WhoisXML API’s Newly Registered & Just Expired Domains can help companies in multiple ways, including but not limited to:

  • Supporting threat intelligence collection and correlation;
  • Looking into domain registration trends and market shares;
  • Enhancing brand and trademark protection strategies;
  • Gathering data for competitor analysis and anticipating the rivals’ next moves.

We tackle these use cases with illustrations in this in-depth guide, along with details on how to access such a source via flexible pricing plans.

Continue reading
A toolkit for testing domains and their webpages

A toolkit for testing domains and their webpages

In the present blog, we demonstrate how to perform a variety of technical and security tests against a domain by using WhoisXML API's Domain Reputation API. It is a RESTFul API that can be used in a broad range of popular programming environments, including e.g., BASH shell scripts, Windows PowerShell, Python, Java, C++, to name a few. It can be seen as a toolkit performing many tests ranging from DNS checks through revealing e-mail and web server configuration shortcomings to safe web browsing issues such as SSL problems or the presence of the domain in blacklists. The API has recently been updated to provide numeric codes for various tests and warnings; let us see what they can be good for.

Continue reading

HOW Does IPv6 Compare with IPv4 Geolocation?

IP geolocation databases can provide the physical location of a computer or device connected to the Internet. This data is useful for targeted advertising and implementing location-specific features or obtaining usage statistics. Despite becoming the Internet Standard in July 2017, IPv6 remains less commonly used and documented than IPv4 worldwide. Therefore, the available IP geolocation lookup data tend to be more accurate for IPv4 than for IPv6.

Continue reading
Geo Targeting: How Is It Helping Businesses Improve The Bottom Line?

Geo Targeting: How Is It Helping Businesses Improve The Bottom Line?

Maximizing the profit is the ultimate goal of every business—and there are several ways to achieve that. For instance, you can reduce your expenses and product costs or increase your product or service prices. But generally, these strategies should be accompanied by techniques that seek to increase sales and find new customers too.

There are existing technologies in the digital world that can help you meet your business goals, and IP geolocation is one of them. In a nutshell, geolocation is the process of identifying the physical location of online users.

Whether intentional or not, businesses with an online presence—that is to say, almost all businesses have become global. Right now, people from any part of the world could be browsing your website! You can confirm that by looking at your traffic analytics.

The question is, how can you convert this traffic into sales to improve your bottom line? Geo targeting or geotargeting (regardless how you spell it) might be the key to that.

Continue reading

IP Geolocation analysis in Python made simple

WhoisXML API's IP geolocation services are powerful, reliable, and competitively priced sources of IP geolocation data. In particular, the IP geolocation API has a strong Python support: the simple-geoip package relies on this API, and it provides maybe the easiest way to get IP geolocation information in Python. 

Continue reading
Powering Asset Discovery with Domain and Subdomain Intelligence Sources

Powering Asset Discovery with Domain and Subdomain Intelligence Sources

Everyone leaves digital footprints behind while using Internet-based technologies. Besides, in the process of improving digital services, acquiring new companies, and doing business in general, organizations inadvertently create digital trails. When threat actors pick up the scent, the result could be devastating and costly.

Asset discovery can help organizations keep track of their technological assets, so they can apply the necessary protection and keep their overall infrastructure safe from malicious actors. How so? Let’s take a closer look.

Continue reading

Cybersecurity Forensics Analysis Using Domain Intelligence Sources

Forensic science has crossed over to the digital world in what is now called “digital or cybersecurity forensics.” And just like their physical crime scene counterparts, cybersecurity forensics experts need to hold on to whatever evidence they have and use it to get one step closer to catching the perpetrator.

Evidence comes in many different forms, but cybercriminals often use domain names and Domain Name System (DNS) infrastructure since those assets are practically what makes the Internet work.

When creating botnets for a distributed denial-of-service (DDoS) attack, for example, threat actors need to infect hundreds or thousands of devices. Each of these devices has an IP address, and the requests they send to the target’s server may sometimes contain the command-and-control (C&C) server domain. Even with their most effective entry point - phishing emails - the bad guys need to use domain names and subdomains.

Continue reading
follow us in feedly
Try our WhoisXML API for free
Get started