We are really excited to launch our Affiliate Partner Program, with the primary goal of providing unhindered domain data & threat Intel to enterprises & government agencies on a requirement based approach. Our new partner program is uniquely designed to provide our partner network with the full advantage of our solid foundation & innovations thereby jointly delivering next-generation threat intelligence solutions. We offer a variety of programs to meet various business objectives of small consulting organizations with strong intelligence backgrounds and subject matter expertise, leading Value-Added-Resellers (VARs), System Integrators, Managed Security Service Providers (MSSP), Managed Detection and Response Services (MDR), Security Orchestration & Automation (SOAR), Threat Intelligence platforms, Information Security Operations Center (SOC), etc.
In this technical blog we offer some hints and tips to those who want to have an interactive tool for the analysis of WHOIS and IP resolution data. In particular, the MITRE Corporation, a not-for-profit company that operates multiple federally funded research and development centres and provides software for this purpose under the General Public License. It is available on GitHub at https://github.com/MITRECND/WhoDat
In the mid-90’s, when Tim Berners-Lee created the foundational elements of what would later become the World Wide Web, business and society entered the digital age. One of the many innovations that accompanied this technological transformation was email, which rapidly grew into the primary business communication medium.
Since then, the infiltration of social media and instant messaging apps have been chipping away at the dominance of email, but it still remains a critical component of modern IT architectures. However, due to its ubiquity, email is a common threat vector utilized by cybercriminals for nefarious purposes.
Whois XML API provides infosec professionals with tools to reduce the risk of hackers using email to infect devices and steal user credentials.
Government agencies, large-scale enterprises, SMBs & many other businesses investigating cyber crime, detecting & accessing threats, tracking down malicious entities or monitoring a bad actor’s infrastructure to predict a future attack, need various kinds of Internet data sets to help them in characterizing & connecting domains. Also, with the rise in security breaches, professionals are no longer looking for just raw data, but Intel, to take timely action against the surfacing bad actors. Whois API, Inc. has been working with many such senior security professionals since the past decade and creating suitable data products & solutions which can act as building blocks in their toolkit for domain research & investigation. With the plethora of solutions we offer, data planning can sometimes become a task in itself & to that effect, we are now providing our users with Enterprise Packages. These are designed specifically keeping such large-scale agencies in mind, to help provide predictability to their data planning, along with, a comprehensive investigation pathway. Our latest Enterprise level solution, Enterprise Tools Package, provides our users with accessible domain Intel, in an easier & visual format.
If you’re building a website (or API) using Express.js, it’s often useful to know where your visitors are coming from: the US, the EU, someplace else? The process of locating a web user is typically referred to IP geolocation, and unfortunately, it isn’t simple.
The reason it isn’t easy to get IP geolocation data is that there is no standard mapping of IPs -> location data. Most companies get this data by purchasing it from GeoIP aggregators that piece together lots of different bits of information to build an accurate database of IP geolocation data.
GeoIP data is typically comprised of:
Moving further into investigating & researching IP address, WhoisXmlApi is really excited to announce the launch of Reverse IP API! Whether you’re researching a potential partner or an incident, understanding the online reputation of an IP address or a domain is incredibly important. With Reverse IP API, by simply querying an IP address you can get the list of all the other domains that share the same Internet host (i.e. the same IP address). Results include all gTLD, new TLD, and any known ccTLD domains. This can be a very useful tool when one is trying to gain context or situational awareness relating to any IP address. ? Over the last few years, online reputation management & security has become a huge?concern for many companies.?Knowing your network reputation is, therefore, an important part of your security knowledge. By knowing all the domains sharing your IP address you can check for spamming & malicious websites. It’s best to not have your IP associated with harmful content. Hosts with a dubious reputation may affect your search engine ranking, email delivery or even have your site blacklisted. ? Sometime, Internet Service Providers may also block a website’s IP address in case it contains malicious or illegal content. Naturally, other sites sharing that IP address is blocked as well. You can prevent such as scenario by taking proactive steps. ? Besides this, since Reverse IP API reveals how many sites you share the host with, you can use this knowledge to help your online brand as well. Sometimes to maximize profits web hosts oversubscribe i.e. sell more websites than the server can handle. Oversubscription affects the download speed of your site and thus may also affect conversion. ? Reverse IP API can also be beneficial to help research hosting providers or parking companies so as to find the most suitable one for you. You would want to avoid hosting providers that cramp up to many websites on a server. ? With the help of our Reverse IP lookup, you can conduct research – find other domains owned by the same person even if they have Whois privacy. You can research the market in a targeted region or niche. Or you can monitor the domain life cycle of all domains on the IPs of your niche competition to spot and buy expiring ones before anyone else. ? Reverse IP is also very popular with cybercrime investigators solving any kind of crime: identity theft, online fraud, piracy, etc. During or after an intrusion incident, a Reverse IP API can be used to identify the attackers’ host names. It can also help to identify the attack surface by discovering all the hosts and IPs related to a given target website/ IP. You can also identify any websites on the host that contain vulnerabilities to exploit. ? Reverse IP API is an incredibly powerful tool with many high-value business applications. With WhoisXmlApi you can quickly & easily know all the following details about an IP address:
The beginning of a new year is always a great time to take a step back and see what one has achieved in the previous year. For us at WhoisXmlApi, 2017 has been a greatly challenging as well as a very rewarding year. We have tried to stretch our boundaries and are happy to see some of our ideas taking shape in the form of domain data products & services that our users are really appreciating. When we started WhoisXmlApi in 2010, our vision was very clear, to be a one-stop shop for domain data for all the industries who need it. To serve that goal, year after year, we have created domain data related products & services and 2017 has been no different!
Online shopping and e-commerce is a multi-billion dollar industry. In 2017 the retail e-commerce sales have surpassed $2 Trillion and are growing at the rate of approximately 23% year over year. E-commerce has grown from being an early fascination to actually competing with brick and mortar business model. To put that into perspective, 53% of global internet users have made an online purchase in 2016, that’s approx. 1 billion people. And the trend seems to be just growing. With all the benefits that e-commerce is providing to its consumers, experts are predicting the industry to go up to $4.5 Trillion by 2021. Yes, that’s double of what we have now!