Security Research & Journalistic Collaborations | WhoisXML API

Security Research & Journalistic Collaborations

An essential component of journalism and security research is access to accurate and timely Internet data. WhoisXML API has worked with security researchers and journalists for a long time to advance cybersecurity knowledge, notably for the identification and study of emerging and prevalent cyber-attacks, scams, and threat actors’ techniques.

Do you have an exciting research project or investigation where WHOIS, IP, or DNS data can help make the Internet a safer place? We want to hear about it.

Have questions?

Contact us at
[email protected]

11.5+ billionWHOIS records
582+ millionDomains tracked
2,864+TLDs & ccTLDs
1.2+ billionDomains and subdomains

Why Collaborate with Us

Our data sources cover most Internet activity around the world

We offer the most exhaustive domain, DNS, and IP intelligence data sets, covering 11.5+ billion WHOIS records, 2,864+ TLDs, 100+ billion historical DNS lookups, 11.5+ million IP netblocks, and 99.68% of all active IPv4 and IPv6 addresses.

To continually strengthen data coverage and quality, we also established ongoing data exchange programs with key Internet and cybersecurity players, such as ISPs, registrars, registries, and major security vendors.

We want to support security research and data-driven journalism

We have worked with various security researchers and journalists notably to:

  • Expose malicious Internet infrastructure such as C&C servers.
  • Study dangerous Internet properties linked to money scams, credential thefts, etc.
  • Uncover the scope of dangerous footprints linked to misinformation, typosquatting, and other suspicious occurrences.

Frequently Asked Questions

How exactly have you collaborated with security researchers and journalists?

Each collaboration is unique, though it’s likely to include one or more of the following items:

  • Enrichment of security data strings related to a data breach or OSINT investigation
  • Access to our data sources to investigate a particular event or trend for news reporting
  • The exchange of complementary security datasets for analysis and joint research

Should I give credits to WhoisXML API for their data?

Yes, we expect security researchers and journalists to mention our company and its contributions in published materials where relevant.

We understand this may not always be possible with ongoing law enforcement and security investigations. Feel free to contact us if this is the case and let us know how we can support your work.

How extensive are your Internet data footprints?

Some of our key coverage statistics include:

  • 11.5B+ historical WHOIS records
  • 2,864+ TLDs and ccTLDs
  • 2B+ hostnames
  • 500B+ historic DNS lookups
  • 32M+ netblocks for 215K+ ISPs

How do we get started?

Please fill this form or contact us at [email protected].

Partner Success Stories

Mapping Malicious Coronavirus Domain Footprints

Learn how ProPrivacy, VirusTotal, and WhoisXML API partnered to create and maintain a list of suspicious domain names linked to the COVID-19 pandemic.

Read full story

OSINT Tech That Saves Lives

Learn how the National Child Protection Task Force (NCPTF) has teamed up with dozens of OSINT technology partners and law enforcement investigators to work on dozens of missing children cases.

Read full story

Clearing the Road towards Effective Web Vulnerability Alerts

Learn how academic researchers partnered with WhoisXML API and used our WHOIS database to lay the groundwork for more effective vulnerability notifications.

Read full story

Scoping Suspicious Covid-related Domain Registrations

Learn how WhoisXML API and a Bloomberg columnist raised awareness of coronavirus-related domain names possibly used in suspicious or malicious online activities.

Read full story
Have questions?

We are here to listen. For a quick response, please select your request type or check our Contact us page for more information. By submitting a request, you agree to our Terms of Service and Privacy Policy.

Or shoot us an email to