Blog & How To Guides | WhoisXML API



WhoisXML API Blog

Conducting Passive Reconnaissance Using Website Contacts Database Intel and Search Results

Is your supplier, partner, or new acquisition a potential threat? If you’re reading this, you’re probably asking yourself the same thing.

Third-party vendor risks have become a pressing concern among businesses in the wake of recent supply chain attacks. Around 59% of organizations have encountered an attack that can be traced back to their suppliers. This number has probably increased as reports of new vendor-caused attacks make headlines every day.

Many organizations believe that vendor risk assessment should be a high priority as they engage with more service providers. Unfortunately, most do not have the resources to do so. Among those who do, only 36% believe that their third-party risk management programs work.

Real-Time Protection by Integrating Website Reputation Scores into SIEM Solutions

Real-time threat detection is tantamount to up-to-date protection, which should be the only kind of cyberdefense. The key to any good defense, however, is to think and act like there is always a threat. This is true to a great extent in the virtual realm, where we see a hacker attack every 39 seconds.

For this reason, the use of security information and event management (SIEM) solutions is gaining popularity among security operations centers (SOCs). Security teams are gearing up for when, not if, they are attacked. And it’s real-time threat detection and protection that is their goal.

Take Control of Nameserver Records with a Reverse Nameserver Lookup API

One reason why cyber risks are far more serious today than in the past is the widespread and cheap access to services from registrars and hosting providers. From amateur bloggers to small business owners, anyone can register a domain and create a website for whatever purpose.

The problem is that not everyone has the right skills to properly configure servers — e.g., define hosts or set up address (A) or pointer (PTR) records, among other things.

Website owners are lucky if issues from nameserver misconfigurations only result in reduced website availability. There are other consequences, though, such as higher spamming scores and Secure Sockets Layer (SSL) authentication errors or vulnerabilities that could potentially lead to security compromises.

Enhancing Packet Filtering via a Reverse IP/Domain Check

Spoofing is a cyber attack method where the adversary impersonates a legitimate user to gain access to a network or device. Once inside the target network, the attacker can then perform large-scale attacks, steal sensitive information, and inject systems connected to the network with malware.

Although there are several types of spoofing, the most common is IP spoofing. This method allows attackers to launch denial-of-service (DoS) and man-in-the-middle (MitM) attacks, two of today’s most prevalent cyber attack types. At present, we see 30,000 DoS attacks per day, whereas MitM attacks account for 35% of exploitations that target inadvertent system or software weaknesses.

How to Block Inappropriate Websites in a Workplace

Accessing explicit or illegal content from the office network can be a serious liability for your company. Blocking inappropriate websites at a workplace protects your network from malware, legal issues, and low employee productivity.

Monitoring workplace Internet activity manually could be a time-consuming task. Fortunately, the blocking of inappropriate websites can be automated. We’ll show you how to block inappropriate websites by using five tricks with varying degrees of reliability.

How to Trace an IP Address From an Email Explained

Ever felt the need to see what’s happening with the recipient after you sent an email? You may have. In this post, we’ll look at how email tracing is done for different email service providers as well as explore the reasons why you might find it useful.

How Email Tracing Works, in a Nutshell

Email tracing refers to the process of finding out what actions a recipient performed after getting an email, such as when he or she opened or read it. Email tracing also lets senders know if intended recipients clicked on embedded links or downloaded attachments.

Warding Off Threats Spawned by the Abuse of Newly Registered Domains

When the Internet Corporation for Assigned Names and Numbers (ICANN) agreed to the addition of new generic top-level domains (gTLDs) in 2012 through the New gTLD Program, the number of spam emails coming from these domains started to rise significantly.

In fact, studies revealed that a new malicious site is hosted on a domain with a new gTLD extension every 15-20 seconds. What’s more, seven out of 10 newly registered domains are classified as either suspicious or downright malicious and thus should not be accessed.

Threat Prediction Based on Domain Registration History

There is a tendency to look at the past to anticipate what the future may hold. The historical performance of financial investment products, for example, is always showcased, although with a disclaimer that it doesn't guarantee any future results. Athletes watch the past performance of their would-be opponents so they know what strategies to formulate for future encounters.

This train of thought is also applicable, at least to some extent, to the field of cybersecurity. Knowing more about past attacks can help security teams strategize and improve their current and future cybersecurity posture.
