Threat Intelligence Solutions | WhoisXML API

Threat Intelligence Solutions

We provide a comprehensive arsenal of cybersecurity tools and APIs that allows organizations to dynamically address threats. Users can gain better visibility of continually evolving threats beyond the firewall and predict potential intrusions by mapping adversaries’ infrastructure. They can dig deeper with historical data culled from exhaustive internal databases and threat intelligence feeds. Users can also resolve cyber investigations in less time and keep trademark issues at bay with readily available suites of enterprise-grade research and monitoring tools.

Have questions?

Contact us at

13.7+ billionWHOIS records
721+ millionDomains tracked
2,864+TLDs & ccTLDs
4.2+ billionDomains and subdomains

Customizable solution components

Enterprise Security Intelligence Packages

A suite of WHOIS, Domain, and IP intelligence packages designed to meet the needs of the most advanced cybersecurity users — in-house security departments, managed security service providers, and cyber forensics investigators and threat hunters.

Enterprise Tools Packages

A set of tools and platforms that's useful for domain research & monitoring, threat investigation, threat intelligence and general cyber-security research.

Enterprise API Packages

A comprehensive set of APIs for domain, WHOIS, DNS and IP research & monitoring, plus threat investigation, threat defense and SIEM (security information & event management) data enrichment.

Enterprise Data Feed Packages

A comprehensive set of data feeds that contain both real-time and historic domains, WHOIS, DNS, IP and cyber threat intelligence datasets that are useful for efficient big data infosec analytics, forensic analysis, SIEM (security information & event management) data enrichment. Ideal when enterprise or government security policies prohibit the use of API calls outside the internal network.

You can select all of the mentioned components or pick those you specifically need. For pricing and details contact us.

Practical usage

  • Integrate our APIs into your current security systems to look into old domain profiles, registrant details, WHOIS, and passive DNS records.
  • Identify malicious website owners’ real locations, along with dangerous domains that can be used to compromise your data, servers, and systems.
  • Evaluate multiple endpoints, third-party applications, and current cybersecurity practices for potential vulnerabilities from the inside and outside.
  • Detect phishing domains and copycat websites to protect your brand identity and reputation as well as steer clear of lawsuits.
  • Get granular with data. Retrace records and missing information to track your adversary’s digital footprint and close cyber investigations.
  • Strengthen your DNS ecosystem and protect your most valuable cyber assets, such as your website content, user information, and payment gateways.
  • Reduce time and effort by automating queries, threat protection, and adversary analysis.
  • Narrow down your priorities for managed detection and response (MDR) specialists’ attention.
  • Compare data points and weigh them against broader datasets from external sources to establish additional contexts related to cyber incidents.

Customer success stories

Whois Data Opening up a New Avenue
for the Measurement of Entrepreneurship

Entrepreneurship is the central process through which economic growth and performance is fostered in a regional economy. Its evaluation is thus of paramount importance for policymakers and economists. However, the quantification of entrepreneurship, that is, introduction of measures to describe the attempts to start growth-oriented business, the likelihood of their success, the ability to raise venture capital, etc. is a challenging task due to the lack of globally available and accurate input data on e.g. business registration.

In a recent working paper a new approach is proposed to overcome this issue by using WHOIS registration data. The approach is applied to companies in Oxford and Cambridge, UK as a demonstration, by using data purchased from WhoisXML API.

Read full story

Is a HTTPS Webpage as Secure as Expected?

Encrypted communication on the Internet is most commonly realized by Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Webpages communicating sensitive content, including Internet banking, webshops, etc. use the HTTPS protocol which is based on this. E-mail servers, when communicating with clients in a secure manner, use the relevant e-mail transfer protocols such as SMTP, IMAP or POP3 over SSL/TLS.

In current practice web pages are often hosted at least in part by third-party hosting providers or content-delivery networks. Thus the hardware systems we communicate with belong to these third parties, which may host many other pages of completely different entities. And, in order to establish desired secure communications, these parties have to get hold of private keys of these entities. Currently, many providers overtake even the management of keys from their clients which gives rise to profound and possibly severe security implications...

Read full story

For pricing details and building your customized solution, please contact us!