Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.
Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.
Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.
Access our web-based solution to dig into and monitor all domain events of interest.
Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.
Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.
Packages designed to augment commercial and in-house security platforms, support managed security services, and facilitate investigations.
Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.
Carry a complete threat intelligence analysis for a given domain or IP address and get access to a report covering 120+ parameters including IP resolutions, website analysis, SSL vulnerabilities, malware detection, domain ownership, mail servers, name servers, and more.
Gather threat intelligence via API calls covering Domain’s Infrastructure analysis, SSL Certificates Chain, SSL Configuration Analysis, Domain Malware Check, Connected Domains, and Domain Reputation Scoring.
Bolster enterprise security with our feeds covering Typosquatting domains, Disposable domains, Phishing URLs, Domain & IP reputation, Malicious URLs, Botnet C&C, and DDoS URLs.
The Who Behind Cyber Threat Intelligence
For over a decade, we have been gathering, analyzing, and correlating domain, IP, and DNS data to make the Internet more transparent and secure. Our unique collection of cyber threat intelligence feeds have proven invaluable in augmenting the capabilities of commercial security platforms (SIEM, SOAR and TIP) and helping Security Operations Centers (SOCs) & Managed Security Service Providers (MSSPs) achieve superior network visibility.
Law enforcement agencies, threat hunters, cyber forensics analysts, and security engineers also benefit from our intelligence using our diverse sets of APIs, lookup and monitoring tools, and other products designed to facilitate cybercrime detection, response, and prevention. Fortune 1000 companies and SMBs with a digital footprint rely on our intelligence to extend their brand protection efforts, enrich their marketing campaigns, conduct research, uncover market trends, and establish new business opportunities.
Join more than 50K satisfied customers
Get access to complete domain name footprints, which include ownership, timeline, updates, statuses, and other essential registration details for about every domain on the Internet.
Learn moreDive into the biggest passive DNS database comprising billions of historical DNS data points and relevant records for the vast majority of IP addresses and hosts.
Learn moreObtain precise geographical data down to the postal code with latitude and longitude coordinates, network information, timezone, connected domains, and more for deeper contextualization.
Learn moreAccess the most structured and detailed IP ranges correlated with ownership data, contacts, and network records from WHOIS, Regional Internet Registries (RIRs), and other sources.
Learn moreEnjoy complete control with convenient download formats for custom integrations, investigations, and data enrichment efforts in line with security policies.
We offer domain, DNS, and IP data in meaningful ways to developers with forward, reverse, and bulk APIs and code libraries for all major programming languages.
Our lookup and monitoring tools are easy to use with straightforward reports for domain names, IP addresses, email addresses, and other search terms of interest.
A comprehensive set of data feeds containing both real-time and historical domains, WHOIS, DNS, IP, and cyber threat intelligence datasets that are useful for efficient big data infosec analytics, forensic analysis, SIEM (security information & event management) data enrichment.
Check Enterprise Data Feed PackagesAPI access through WhoisXMLAPI can be purchased as an annual subscription. The access pricing is based on the number of queries, which is measured monthly with per-minute rate limits. The pricing structure gives predictability to business planning and solution architecture.
Check Enterprise API PackagesCommercial security platform providers such as Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR), and Threat Intelligence Platforms (TIPs), use our intelligence to boost their capabilities and achieve better threat contextualization and prioritization.
Managed Security Service Providers (MSSPs) use our data as part of their correlation processes to deliver visibility into their clients’ networks and better detect, analyze, and deal with all types of security events, threats, and vulnerabilities.
Security Operations Centers (SOCs) benefit from the breadth and depth of our intelligence to enhance ongoing cybersecurity processes and strategies. Access to our extensive data footprints, APIs, and tools helps detect, categorize, and respond to incidents.
Law enforcement & digital forensics professionals retrieve insights from our intelligence repositories to kickstart and unlock investigations as well as to gather pieces of evidence. Indicators of compromises often include domain names, DNS records, and IP addresses.
A better understanding of current and historical footprints can be of great value to digital marketers, business development managers, researchers, and other specialists to level up their business intelligence and build commercial applications.
Brand managers and legal specialists use our footprints and monitoring tools to stay updated on typosquatting, cybersquatting abuses, trademark infringements, and other abuses and misrepresentations of their brands' domain names.
No matter what type of cyber attack you face, be assured that our different sources of cyber threat intelligence will bring the visibility you need to support decision making.
Learn moreStay one step ahead of cybersquatters, phishers, and copycat competitors and protect your Internet domain names with the right set of data feeds and monitoring capabilities.
Learn moreSafeguard your organization and clients against payment transaction fraud and other scams with the help of actionable domain and IP intelligence covering location and ownership.
Learn moreGet extensive domain intelligence, including new registrations, recent expirations, reputation, and historical ownership to make informed decisions about your next domain investments.
Learn moreUse our vast cyber threat data in your investigations to uncover connections between domain names, IP addresses, and ownership information to track down cybercriminals.
Learn moreMonitor web asset acquisitions and fraudulent online transactions, identify investment opportunities, and verify merger and spinoff activities by using domain and IP intelligence.
Learn moreWork with our updated and comprehensive domain and IP intelligence sources to facilitate domain registration, administration, and transfer as well as to follow-up on instances of abuse concerning web assets under your management.
Learn moreBetter understand and target your audiences and customers with access to our diverse domain, DNS, and IP datasets put together in different formats to enrich your marketing and research activities.
Learn moreWe are here to listen. For a quick response, please select your request type or check our Contact us page for more information. By submitting a request, you agree to our Terms of Service and Privacy Policy.
