Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.
Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.
Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.
Access our web-based solution to dig into and monitor all domain events of interest.
Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.
Detect and block access to and from dangerous domain names before malicious actors can weaponize them. Contact us today for more information.
Unlock integrated intelligence on Internet properties and their ownership, infrastructure, and other attributes.
Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.
Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.
Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.
Multi-Level API User Administration Now Available - Manage individual API keys for team members in your organization.
Learn MoreExplore DNS record history to identify domain changes, infrastructure evolution, and potential threats with our consumption models—Lookup, API, and Database Download.
Contact Sales500 free API requests. No credit card required.
Obtain direct access to passive DNS A, AAAA, MX, NS, TXT, CNAME, SOA, and PTR record files from our market-leading database of historical DNS records.
Learn moreDNS Chronicle API can easily be integrated into existing security platforms, workflows, and other tools requiring passive DNS intelligence.
Learn moreEasily retrieve the historical DNS A and AAAA records of any domain by typing it into our GUI.
Learn moreOur historical DNS record database is one of the largest of its kind, with billions of recorded events, allowing you to dive deep into web properties’ DNS history and connections.
Our DNS Database Download is available via CSV files. Our DNS Chronicle API is also designed for easy integration and supports popular programming languages and platforms.
Choose the best consumption model for you—lookup, API, or database download—to fit your unique requirements.
Keep asset inventory current by uncovering connected or hidden domains and subdomains used for specific web applications and services.
Identify unusual DNS resolution patterns that may indicate botnet activity or compromised infrastructures used to host or distribute malware.
Stay alerted to DNS resolutions associated with known threat actors, and uncover patterns or anomalies that could indicate malicious activity.
Monitor DNS record changes to detect domain hijacking attempts and assess how associated domains could affect brand reputation.
Use DNS data to trace domain configuration changes, identify connected infrastructure, and detect suspicious activities linked to vendors and other third parties.
Spot fraudulent behaviors by analyzing DNS patterns, domain ownership changes, and previous associations with malicious servers.
“WhoisXML API’s passive DNS database, even the lite version for academic purposes, has much better subdomain data coverage compared with other commercial and free databases.”
“WhoisXML was the game changer for us. It has revolutionized our ability to disrupt cybercrime in process and at scale by quickly identifying all of the vendors providing material support for scammers using sophisticated website templates that look legitimate. By quickly identifying the vendors unknowingly supporting the criminals, we can provide them with public interest justification to burn down the criminal infrastructure.”
“After thorough testing, we were thrilled to find that Premium DNS 365 consistently identified 10 times more 'active' subdomains compared to other options in the market.”
We are here to listen. For a quick response, please select your request type. By submitting a request, you agree to our Terms of Service and Privacy Policy.