Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.
Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.
Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.
Access our web-based solution to dig into and monitor all domain events of interest.
Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.
Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.
Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.
Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.
Carry a complete threat intelligence analysis for a given domain or IP address and get access to a report covering 120+ parameters including IP resolutions, website analysis, SSL vulnerabilities, malware detection, domain ownership, mail servers, name servers, and more.
Gather threat intelligence via API calls covering Domain’s Infrastructure analysis, SSL Certificates Chain, SSL Configuration Analysis, Domain Malware Check, Connected Domains, and Domain Reputation Scoring.
Bolster enterprise security with our feeds covering Typosquatting domains, Disposable domains, Phishing URLs, Domain & IP reputation, Malicious URLs, Botnet C&C, and DDoS URLs.
We offer comprehensive services for the integration of our data – from consultations to the precise definition of the basic needs of the business to increase the work efficiency.
Set up and manage public WHOIS servers for your business. Our WHOIS parsing system is a utility that collects extensive information about any given domain by sending series of DNS and WHOIS queries. The report is generated in raw as well as in parsed format.
Regardless of whether you are a startup, a small business or a global one, our team is always ready to help you. Enterprises operating on a scale can also choose special premium support management with high priority 24/7 email and telephone responses and other professional services.
Get customized reports on TLDs covering datasets falling under domain name, WHOIS and DNS category.
Searching IP address data to find more clues for cybercrime investigations has become common practice. And for those who are dealing with cybercriminal suspects from Africa, getting real-time and comprehensive IP address ownership information is possible with an IP Neblocks WHOIS Database that contains information on AFRINIC IP addresses.
With these insights, users will be able, for example, to investigate the so-called “Nigerian scams,” which the region has become notorious for. You may be wondering what these scams are, so let us tell you all about them and how our IP Netblocks services can help.
Continue readingWhy does it matter who’s behind an IP address? Knowing the identity of IP addresses’ owners, whether they are individuals or organizations, helps users determine if they can be trusted or are potential scammers out to carry fraud.
However, that information is not always readily available, and nor is it publicly accessible due to a variety of reasons. So, how can users obtain such data? One resource that may help is an IP Netblocks WHOIS Database. In a nutshell, it lets users know what IP netblock or range an IP address belongs to and who owns it.
This post discusses how users can find an American Registry for Internet Numbers (ARIN) IP address by using an IP netblock database. But first, let’s find out what ARIN is.
Continue readingAn IP netblock can be a critical piece of information for the companies that engage in online activities. Whether it’s for competitor research or to prevent IP address hijacking, IP netblock data allows technology professionals to deduce who owns a group of IP addresses to pursue their objectives and take relevant action from there.
That said, the ability to quickly derive this information could sometimes spell the difference between success and a missed opportunity, or mitigating or not a cybersecurity threat before it can affect one’s systems and networks.
In this post, we’ll discuss how general users and tech-savvy cybersecurity professionals can obtain IP block data by using a variety of online technologies such as IP Netblocks WHOIS Database and others.
Continue readingIn the 1980s, detectives, investigators, and regular people who wanted to solve a mystery would need to sit in a car for hours, wear a disguise, and follow their subjects everywhere, be it on foot or by car.
The nature of crimes, however, has changed today. Most of them no longer happen physically; they’re committed in the virtual realm. And so, they call for new methods of investigation where legwork (in the physical sense, that is) is no longer required. Tracing the identity of a cybercriminal, for instance, now requires the right information and sources like an IP WHOIS database.
In this post, we delve into the methods and tools that can help users find the owner of an Asia Pacific Network Information Centre (APNIC) IP block in particular.
Continue readingBoth the burgeoning use of the Internet and the growing incidence of cybercrime call for insightful information on IP addresses that may be involved in malicious activities. As part of its mandate to maintain Web integrity, the Internet Assigned Numbers Authority (IANA) coordinates the global assignment of IP addresses and Autonomous System Numbers (ASNs).
IANA specifically works with the regional Internet registry (RIR) Réseaux IP Européens Network Coordination Centre (RIPE NCC) to maintain a database of IP addresses for Europe, West Asia, and the former Soviet Union. And so, anyone who wishes to find more information about an IP address from this region must do a RIPE NCC IP lookup.
Continue readingIP netblocks can be considered a neighborhood to which consecutive IP addresses belong. As in the real world, there are good and bad neighborhoods. Fortunately, sophisticated threat intelligence tools enable security engineers to distinguish one from the other.
Traditionally, users can check computers communicating over a network by using a simple ping command to find unresponsive or misbehaving nodes. A ping test sends packets to a server and reveals if the same number of packets were returned, as well as how long it took the destination to issue a response.
Ping tests may be sufficient for network discovery, especially in private networks. However, other tasks may require critical IP intelligence data, such as a WHOIS IP block, for threat hunting and marketing applications. An IP Netblocks WHOIS Database can provide complete ownership histories of IP ranges that can help users determine if these were involved in previous attacks.
Continue readingMore and more professionals rely on IP intelligence sources such as IP Netblocks WHOIS Database to learn more about IP addresses and their ranges (consecutively numbered sets of IP addresses). Many, however, do not have a full understanding of how IP netblocks and addresses are broken down in the first place and why this information can be useful.
Essentially, IP addresses are numbers from 0 to 536,870,911. Their distribution amongst users is done by Classless Inter-Domain Routing (CIDR). The idea is that the whole interval is split into parts assigned to different bodies responsible for them. These bodies will then split their IP address intervals into smaller ones and delegate their administration to other bodies or end-users. So finally the smallest intervals will have actual owners, or, vice versa, owners will have one or more intervals.
These points are further tackled in this blog post, starting with a short primer about the relevance of the Internet Assigned Numbers Authority (IANA) in the IP address allocation process just mentioned.
Continue readingMore comprehensive IP intelligence means more value to our clients. That’s why we are proud to announce an important update on our IP Netblocks WHOIS Database, which now has significantly higher proportions of non-empty or non-redacted fields across IP netblocks.
Empty and redacted fields can create significant challenges for IP netblocks users. Cybersecurity professionals, for example, may not be able to check if certain IP addresses in a given netblock belong to the same registrant or someone else. When investigating an attack involving several individuals, it may also be harder, for example, to pinpoint if several compromised addresses are all from one IP netblock and are, therefore, linked.
Marketing professionals, on the other hand, could make the mistake of bundling an IP address with the wrong netblock that’s assigned to a different organization than the one of interest. Other professionals researching specific companies that share a netblock may have a hard time identifying the addresses that actually belong to them. Incomplete data might lead to faulty assumptions and thus results.
In short, we know how vital IP intelligence information is to organizations and how the lack of it can spell trouble for different types of professionals.
With higher proportions of non-empty or non-redacted fields across RIRs, IP netblocks users can now get more actionable information from their queries. With that in mind, let us elaborate on what has changed exactly and the corresponding benefits.
Continue readingIn many of the aforementioned applications, it is equally important to find out who an actual IP address is assigned to and which part of the network it belongs to. Technically, it necessary and sufficient for a device to have an IP address to be able to communicate on the network. As it is sufficient, there are nodes which are not assigned a domain name. However, in every communication it is necessary for the IP address to be able to be tracked back at least. This makes IP WHOIS data useful in many of the aforementioned applications, and indeed essential for IT security. In a typical server log, for instance, we have IP addresses whose ownership can be identified via its IP WHOIS record obtainable by the WHOIS protocol...
Continue readingThe virtual world of the Internet can be linked to physical entities such as organizations or individuals via only a few techniques. One of the possibilities is to start from the IP address: the unique number associated with each machine connected to the Internet. As such an address is technically essential for any networked machine to operate and each Internet communication to take place, it is a very efficient and viable approach revealing the ownership of the infrastructure and the hierarchy behind its definition...
Continue readingWhoisXML API uses cookies to provide you with the best user experience on our website. They also help us understand how our site is being used. Find out more here. By continuing to use our site you consent to the use of cookies.