Law Enforcement Solutions | WhoisXML API

Law Enforcement Solutions

Law enforcement and government cyber-crime agencies often use domain WHOIS data to verify and check on domains or IP addresses. The WHOIS records provide a lot of handy information such as the registrant name, country of registration, contact specifics, created date, etc., that can come in handy during investigations. Domain, Whois, DNS data and threat intelligence data are critical for cyber-crime investigations, threat hunting, forensic analysis and threat defense.

Have questions?

Contact us at

13.7+ billionWHOIS records
721+ millionDomains tracked
2,864+TLDs & ccTLDs
4.2+ billionDomains and subdomains

Customizable solution components

Enterprise API Packages

A comprehensive set of APIs for domain, WHOIS, DNS and IP research & monitoring, plus threat investigation, threat defense and SIEM (security information & event management) data enrichment.

Enterprise Tools Packages

A set of tools and platforms that's useful for domain research & monitoring, threat investigation, threat intelligence and general cyber-security research.

Enterprise Data Feed Packages

A comprehensive set of data feeds that contain both real-time and historic domains, WHOIS, DNS, IP and cyber threat intelligence datasets that are useful for efficient big data infosec analytics, forensic analysis, SIEM (security information & event management) data enrichment. Ideal when enterprise or government security policies prohibit the use of API calls outside the internal network.

You can select all of the mentioned components or pick those you specifically need. For pricing and details contact us.

Practical usage

  • Collect appropriate information to support communication with courts, administrative agencies and government authorities and agencies.
  • Collect information for order preparation to quickly seize or take down domains. [1]
  • Collect information to prepare prosecutions in support of the Fraudulent Online Identity Sanctions Act. [2]
  • Use domain owner information to quickly locate and communicate with site owners and their service providers via email, phone and fax.
  • Discover and connect all fraudulent sites operated by offenders and discover new possible threats and illegal activity – phishing groups often use a single or small set of unique names, addresses, phone numbers, or contact email addresses to control their portfolio of fraudulent domains.
  • Investigate leads to credit card data used to pay for fraudulent website domain registrations.
  • Recognize “drop accounts” - email accounts that phishers use to collect stolen credentials and personal information of their victims.
  • Gather intelligence on various connections between domains and their owners to take down bad actors.
[1] ICANN:

Customer success stories

Dark Crawler, a Useful Tool to Assess Child Exploitation from Online Communities

Child sexual offenders have always been quick to adapt technological advances, such as photography and film for the purposes of exploiting children. The move of child exploitation material (CEM) to the Internet has enabled them to form online communities which allow easier access to CEM, recruiting co offenders and business partners, as well as validating their deviant behavior amongst other offenders.

Despite the established harm inherent within child exploitation imagery and distribution online, current attempts to limit such content have been largely unsuccessful.

Dark Crawler is a tool used by search-engines to automatically navigate the Internet and collect information about each website and webpage which can be used to seek out specific content, such as child exploitation material ...

Read full story

For pricing details and building your customized solution, please contact us!