<menuitem id="jr1fv"></menuitem>
<strike id="jr1fv"></strike>
<strike id="jr1fv"><video id="jr1fv"><strike id="jr1fv"></strike></video></strike>
<span id="jr1fv"></span>
<strike id="jr1fv"><video id="jr1fv"><strike id="jr1fv"></strike></video></strike>
<span id="jr1fv"><noframes id="jr1fv">
<strike id="jr1fv"></strike>
<strike id="jr1fv"></strike>
<strike id="jr1fv"></strike>
<th id="jr1fv"><video id="jr1fv"></video></th>
<span id="jr1fv"><video id="jr1fv"></video></span>
<strike id="jr1fv"></strike>
Unified & Consistent

WHOIS API & Parser System

For over a decade, we have been gathering domain WHOIS records for all gTLDs and ccTLDs. We are a domain Whois, DNS, IP and cyber threat intelligence data provider. We provide real-time APIs, database downloads, and tools in domain research & monitoring and threat intelligence. We continuously strive to meet the demand of our diverse and huge customer base by offering various solutions to satisfy their specific business needs. Our customer base includes fortune 500 companies, threat intelligence/infosec companies, anti-malware/security vendors, cybercrime units, government agencies, brand protection agencies, domain registries/registrars, domain investors/brokers, banks, payment processors, telecom, marketing researchers, big-data warehouses, web analytics firms, investment funds, web developers and many more.
We have been recognized as one of Inc. 5000 fastest growing Top IT Companies with a rank of #268 in 2017 and #651 in 2018.

Join more than 52K satisfied customers

7.0 billion+
Historic WHOIS Records
1.2 billion+
Domains and subdomains
TLDs & ccTLDs
9.1 million+
IP netblocks
IP addresses in use covered

WHOIS Lookup

Input correct search term

We provide an easily integrated WHOIS API for business of any scale

Get API access to the well-parsed and consistent domain data, including the registrant name, organization, e-mail address, registration address, registrar information, creation date, expiration date, updated date, domain availability, domain age, and many more.


Enterprise packages

API Packages

A comprehensive set of APIs for domain research & monitoring and cyber threat intelligence. It includes access to Domain, Whois, DNS, IP, Risk profiles, SSL and a variety of threat intelligence data. The Enterprise API Package powers cyber-crime investigation, forensic analysis, fraud detection, domain management, brand protection, domain registration analytics, market research, data intelligence enrichment across variety of SIEM, Orchestration, Automation and Threat Intelligence Platforms. The applications span innumerable industries and use cases.

Learn more

Data Packages

A comprehensive set of data feeds that contain both real-time and historic domains, Whois, DNS, IP and cyber threat intelligence datasets that are useful for efficient big data infosec analytics, forensic analysis, SIEM (security information & event management) data enrichment. Ideal when enterprise or government security policies prohibit the use of API calls outside the internal network.

Learn more

Tools Packages

A set of tools and platforms that's useful for domain research & monitoring, threat investigation, threat intelligence, forensic analysis, cyber-security research, brand protection, fraud detection, domain management, domain registration analytics, market research, and much more.

Learn more



Get a quick response from the largest WHOIS database.

Learn more

Data feeds

We offer relevant WHOIS data, in a format convenient for you, which can be easily tailored to your business needs.

Learn more

Domain Research Suite

Enhance your domain research with our web-based Domain Research Suite that helps you search and monitor domains.

Learn more

Enterprise packages

A balanced solution for enterprise and government customers. The pricing structure gives predictability to business planning and solution architecture.

Learn more

Custom solutions

We can provide any custom domain solution that is tailored to all your requirements and honed to your personal business objectives.

Learn more

Cyber-security research

Accelerate your threat detection with our handy tool and APIs for а breakdown of hosts and their infrastructure. It is a building block in your cyber security toolkit.

Learn more

You're just one step away from getting a free
and fully functional account!

Get started

No credit card or company information needed.


Cyber Security Data

No matter what type of cyber attack you are investigating, be assured that our real time and WHOIS History API combined with reverse WHOIS API will always come in handy and be a great starting point for your investigations.

Learn more

Brand Protection

Monitor and protect ‘terms’ that come under your intellectual property. Be automatically notified in order to take timely action. Utilize our WHOIS data to keep track of various domains of your interest.

Learn more


Get Daily downloads for newly registered and recently expired domains. Our Domain Availability API will also prove to be a great tool for Domainers.

Learn more

Fraud Detection Data

Safeguard against payment transaction fraud with the help of accurate and comprehensive domain WHOIS data that includes historic records, unlimited reverse WHOIS API lookups and the Domain Research Suite.

Learn more

Investment Fund and Banking

Monitor web asset acquisitions and fraudulent online transactions, identify investment opportunities and verify merger and spinoff activities by using WHOIS data.

Learn more

Law Enforcement

Get all the domain’s WHOIS information that includes the registrant name, address, phone number, email, and more, from both the registrar and registry to help with your cases.

Learn more

Marketing Research & Data Intelligence

Get all the information related to a specific domain or TLD, including its owner and contact details to target your potential customers.

Learn more


Outsource part or all of your WHOIS services and other domain management services to us and concentrate on your core business without worrying about your customers lacking any domain related information.

Learn more

Discover companies like yours who have found success

Customer success stories

WhoDat Project: an Interactive Pivotable Tool for Working with WHOIS Data

As the analysis and research of WHOIS data is crucial in cybersecurity, the MITRE cooperation develops a front-end for the services provided by WhoisXML API in support of researchers' and analysts' work...

Read full story

DNS Forensics Using the Big Data Extension of IBM’s QRadar Security Intelligence Platform

The basis of IBM’s key security solutions is the QRadar Security Intelligence Platform, a security information and event management system (SIEM). It is a unified platform covering many security-related tasks and incorporating a broad spectrum of solutions including the use of X-Force Threat Intelligence, IBM’s cloud-based threat intelligence platform.

The big data extension of QRadar can be used to do DNS forensics in order to identify risky domains, risky users, and risky IP addresses, and feed this information back to QRadar in order to define new protection rules...

Read full story

Easily Managing Hundreds of Domain Names from Salesforce

IEEE was searching for a solution to automate its manual process of ensuring hundreds of independently-owned IEEE domain names were being updated with their latest information in the WHOIS Domain Name Registry. More specifically, there was a critical need of identifying upcoming domain name expirations early in order to alert their owners of potential losses...

Read full story

Dark Crawler, a Useful Tool to Assess Child Exploitation from Online Communities

Child sexual offenders have always been quick to adapt technological advances, such as photography and film for the purposes of exploiting children. The move of child exploitation material (CEM) to the Internet has enabled them to form online communities which allow easier access to CEM, recruiting co offenders and business partners, as well as validating their deviant behavior amongst other offenders.

Despite the established harm inherent within child exploitation imagery and distribution online, current attempts to limit such content have been largely unsuccessful.

Dark Crawler is a tool used by search-engines to automatically navigate the Internet and collect information about each website and webpage which can be used to seek out specific content, such as child exploitation material ...

Read full story

Whois Data Opening up a New Avenue
for the Measurement of Entrepreneurship

Entrepreneurship is the central process through which economic growth and performance is fostered in a regional economy. Its evaluation is thus of paramount importance for policymakers and economists. However, the quantification of entrepreneurship, that is, introduction of measures to describe the attempts to start growth-oriented business, the likelihood of their success, the ability to raise venture capital, etc. is a challenging task due to the lack of globally available and accurate input data on e.g. business registration.

In a recent working paper a new approach is proposed to overcome this issue by using WHOIS registration data. The approach is applied to companies in Oxford and Cambridge, UK as a demonstration, by using data purchased from WhoisXML API.

Read full story

Malicious URL Detection via Machine Learning

Protection against malicious websites is an important task in cybersecurity. A common way of identifying such sites is the use of blacklists which contain a large set of URLs considered dangerous. There are various techniques for compiling such lists, and there is obviously a need for methods to verify if a suspicious site is really dangerous...

Read full story

Is a HTTPS Webpage as Secure as Expected?

Encrypted communication on the Internet is most commonly realized by Secure Sockets Layer (SSL) and Transport Layer Security (TLS). Webpages communicating sensitive content, including Internet banking, webshops, etc. use the HTTPS protocol which is based on this. E-mail servers, when communicating with clients in a secure manner, use the relevant e-mail transfer protocols such as SMTP, IMAP or POP3 over SSL/TLS.

In current practice web pages are often hosted at least in part by third-party hosting providers or content-delivery networks. Thus the hardware systems we communicate with belong to these third parties, which may host many other pages of completely different entities. And, in order to establish desired secure communications, these parties have to get hold of private keys of these entities. Currently, many providers overtake even the management of keys from their clients which gives rise to profound and possibly severe security implications...

Read full story

WHOIS Data for Vulnerability Notifications

One of the cornerstones of cybersecurity is threat intelligence sharing. Maintenance of our IT systems' security and their protection against malicious activity require up-to-date knowledge of the entire field. There are significant efforts to assist experts in this activity, including those of market leaders such as IBM X-Force Exchange.

Due to the decentralized architecture of the Internet, however, the collaboration of the actors as well as voluntary campaigns in order to detect vulnerabilities are also of utmost importance. If, however, the owners of the affected systems cannot be notified, these efforts can hardly achieve their positive goal. And in this notification process, WHOIS data have their use...

Read full story

The WPAD Name Collision Vulnerability in the New gTLD Era: a Threat Crying for Urgent Solution

Sometimes certain comfortable and seemingly innocent protocols can introduce significant security risks, especially when the system's environment changes.

The WPAD (Web Proxy Autodiscovery) protocol is prevalently used to configure the web proxy settings of end systems such as desktops and other devices belonging to an administrative domain, e.g. a corporate network. The benefit of this solution is that system administrators can deploy local web proxy settings essentially without any user interaction. Due to a very progressive change in the domain registration policies, the otherwise very useful WPAD protocol has introduced the possibility of a new and very dangerous man-in-the-middle attack...

Read full story

Try our free and fully functional account!

Trusted by
the smartest

Have questions?

We work hard to improve our services for you. As part of that process, we welcome your feedback, questions, and suggestions. Please let us know about your thoughts and feelings, and any way in which you think we can improve our product.

For a quick response, please select the request type that best suits your needs. For more info regarding the request types, see Contact us page.

By submitting, you agree to the Terms of Service and Privacy Policy.

Or shoot us an email to