Our WHOIS data is well-parsed and normalized for any domain name, IP address, or email account

We provide a variety of WHOIS data consumption models, including APIs, lookup tools, and direct access to our 21.0B+ historical WHOIS records via database downloads.

Get started

500 free API requests. No credit card required.

374 Million+Active domains tracked

21.0 Billion+WHOIS records

7,596+TLDs and ccTLDs tracked

52,000+Satisfied customers

See all coverage stats

Our WHOIS product line includes:

WHOIS Database Download

Gain access to comprehensive and reliable domain ownership and registration data.
Explore Database Download
WHOIS API

Easily integrate our WHOIS API into existing security platforms, workflows, and other tools to retrieve domain ownership and registration data points.
Explore API
WHOIS Lookup

Retrieve all registration information from a domain's or an IP address's corresponding WHOIS records in seconds via our GUI.
Explore Lookup
WHOIS Search

Perform and deepen WHOIS searches with our Domain Research Suite (DRS) platform’s smart interface and pivoting features.
Explore Suite
Bulk WHOIS API

Obtain parsed domain WHOIS ownership information for a large list of domains or IP addresses with a single query.
Explore Bulk API
Bulk WHOIS Lookup

Get the registration details of up to 500,000 domains in one go via our GUI.
Explore Bulk Lookup

What is WHOIS?

Despite the capital letters in “WHOIS”, it is not an acronym. Yet as the name suggests, a WHOIS record tells you all about a domain name’s registrant. Each WHOIS record gives pertinent details about the domain, including its age, registration status (creation, last update, and expiration dates), registrar, and owner. It allows users to obtain a domain owner’s contact details for reasons that include cyber investigation, market research, domain purchase, competitor monitoring, and more.

Our WHOIS record data is:

Exhaustive

Our WHOIS database contains more than a billion records spanning domains and subdomains scattered across 7,596+ gTLDs, ccTLDs and ccSLDs.
Well-formatted for compatibility

We parse and normalize all of our WHOIS data so it can be used as is or quickly integrated into a variety of internal systems.
Easy to work

We provide query results in convenient formats across all of our products. API outputs are available in XML and JSON, database downloads in CSV and MySQL, and lookup reports are hosted using a custom URL and are shareable.
Readily accessible

Near real-time data gathering means instantaneous access to accurate information, enabling better decision-making. Our WHOIS information is updated daily.

Practical usage

Cybercrime Analysis

Enable your digital forensics and incident response (DFIR) and other cybersecurity teams to collate domain ownership information to enhance their solutions and find ties, if any, to ongoing malicious campaigns.

Fraud Prevention

Allow payment processors to look out for customer information discrepancies in WHOIS records to potentially catch fraudsters. Protect online shop owners from risks related to identity theft.

Attack Surface Management

Carefully screen domains based on their WHOIS records to keep your potential attack surface to a minimum. Ward off domains that don’t belong to legitimate companies from your network as early as the discovery stage.

Third-Party Monitoring

Make sure you are talking only to the authorized representatives of any third party you’re planning to do business with by scrutinizing their WHOIS record details.

Brand Protection

Simplify investigations by obtaining domain ownership information to spot signs of potential cybersquatting. Arm your brand protection agents with WHOIS data so they can pinpoint potential instances of trademark infringement.

Business and Competitor Monitoring

Be the first to obtain a potentially high-demand domain name by keeping track of all registration changes. Domains that changed hands could clue you into what your competitors are up to as well.

Get 500 free API credits. No credit card required.

Get started

Kim Kok

Vice President

Core4ce

“We want to provide all Cyberscape users the ability to integrate relevant data for their cyber threat investigations. WhoisXML API provides unique data that will be helpful to the cyber threat investigation community, allowing analysts to shorten the cycle of understanding and mitigating threats.”

Goo Dong-eon

CBO

Logpresso

“WhoisXML API is the leading provider of comprehensive domain, IP, DNS, and cyber threat intelligence. Through the collaboration between the two companies, we will provide various solutions to swiftly detect and respond to advanced cyber threats.”

Oliver Friedrichs

Founder and CEO

Pangea

“Our partnership with WhoisXML API brings their unique dataset to strengthen the bench of threat intel providers on Pangea. WhoisXML API is one of the most comprehensive and accurate sources of WHOIS data available.”

Sharada Jayaprakash

Senior Manager, Connector Engineering

Cyware

“WhoisXML API’s rich repository of domain records will be invaluable for Cyware and joint customers, as it enables automated enrichment of domain and IP content via Cyware Orchestrate.”

Michael Bazzell

Owner

IntelTechniques

“The WhoisXML History API has been a game changer for our online investigations, trainings, and books. We have uncovered the true owners behind numerous malicious domains, even though they currently possess "private" Whois registration.”

Flavio Critelli

Distinguished Professor of Digital Forensics

University of Perugia

“Whois XML is one of the most important tools we use for domain intelligence in the Bachelor's Degree program in Investigation and Security Sciences at the University of Perugia. In particular, we appreciate the reverse research from IP to Domain and Whois with query filters. The tool is comprehensive, providing detailed information such as phone numbers, names, and other details from Whois records. While many Whois records are now covered by privacy regulations, WhoisXML API provides access to all historical WHOIS records.”

Michael Roberts

Founder & Private Investigator

Rexxfield

“WhoisXML was the game changer for us. It has revolutionized our ability to disrupt cybercrime in process and at scale by quickly identifying all of the vendors providing material support for scammers using sophisticated website templates that look legitimate. By quickly identifying the vendors unknowingly supporting the criminals, we can provide them with public interest justification to burn down the criminal infrastructure.”

Loonie Reed

Certified Fraud Examiner and Computer Forensic Examiner

“The consistent and structured data provided by WhoisXML API made it possible to group and identify who is behind suspected fraudulent websites, being able to search by phone number, address or e-mail address used in the domain registration.”

Yannick Delsahut

CEO

Goldstark

“I appreciate your products that are useful for checking domain expiration dates.”

Christine Bejerasco

Senior Analyst

F-Secure Corporation

“WhoisXML API is a responsive and reliable provider of domain intelligence. Whenever there are issues, they are quick to respond and resolve them. Working with them is smooth and straightforward.”

Rich Sutton

VP of Engineering

Proofpoint

“WhoisXML API’s domain intelligence allows us to quickly integrate WHOIS lookups into our security heuristics and algorithms without having to worry about hosting services, staging and merging data, and the complicated task of normalization.”

Mohammad Ismail Daud

Student

UC Davis

“I used WHOIS API and Website Categorization API. Both tools are simple and straightforward to use. Some API providers have extra bells and whistles that they force you to use, but WhoisXML API is really easy to work with. It’s stable, and I can trust that it’s not going to flatline later.”

Kieran Kennedy

Head

Snowflake Marketplace

“Keeping track of new domain registration activity is essential in today's digital economy. We look forward to continuing our collaboration with WhoisXML API to help customer leverage critical domain insights in a secure cloud environment that aligns with their data privacy and governance requirements.”

Larry Cameron

President and Founder

Paradigm Intelligence Ltd

“WhoisXML API is amazing for checking out the historic registration information of a domain, pivoting to locate the alternate registrations with the same details and also my cyber investigations. The data proved very useful when investigating pig butchering scams and domains that host child abuse material.”

Jacob Waltz

CEO/Founder

Intraframe

“Very useful for investigations, we can go back in history and see when domains were registered and who owned them at a certain time.”

David Pearson

CEO/Founder

Bayse Intelligence

“WhoisXML API builds out data sets that help users correlate attack infrastructure with related IP and WHOIS information.”

WHOIS / WHOIS History

DNS / DNS History

IP Geolocation / IP Netblocks

Domain Research Suite (DRS)

Domain/WHOIS

DNS/IP

Intelligence

Other

Domain/WHOIS

DNS/IP

Intelligence

Other

Domain/WHOIS

DNS/IP

Intelligence

Other

Domain Research Suite (DRS)

Research

Monitoring

White-Label

Predictive Threat Intelligence Feeds

Internet Infrastructure

Enterprise API Packages

Security Intelligence (SI) Suite

Our WHOIS data is well-parsed and normalized for any domain name, IP address, or email account

Our WHOIS product line includes:

WHOIS Database Download

WHOIS API

WHOIS Lookup

WHOIS Search

Bulk WHOIS API

Bulk WHOIS Lookup

What is WHOIS?

Our WHOIS record data is:

Exhaustive

Well-formatted for compatibility

Easy to work

Readily accessible

Practical usage

Cybercrime Analysis

Fraud Prevention

Attack Surface Management

Third-Party Monitoring

Brand Protection

Business and Competitor Monitoring

Get 500 free API credits. No credit card required.

Have questions?