Category: WHOIS Database

How to Contact the Owner of a Domain with WHOIS and Website Contacts Products

The Internet is one giant marketplace. If you are looking for a software-as-a-service (SaaS) option that you can use for your department, a simple Google search will give you dozens of them. Meanwhile, if you need someone to promote your business, the Internet can suggest several influencers depending on your niche. Once you find a company or person that matches your requirements, all you have to do next is contact the domain owner or website representative(s).

Contacting them may be easy since chatbots or contact forms are always available. But how can you connect with the owners of hundreds or thousands of domains without going through a chatbot or waiting for someone to answer the customer service line in each and every case? To help you, we explored four different ways to contact the owner of a domain.

ProPrivacy Open Data Project: Mapping Malicious Coronavirus Domains Using WHOIS Data

The COVID-19 pandemic has driven many people to do almost everything within the confines of their homes. Nearly exclusive reliance on digital means to work, study, shop, and communicate amid uncertainty opened many avenues for cybercrime to take place—notably through the use of coronavirus-related domain names.

To demonstrate this trend, ProPrivacy has partnered with WhoisXML API and VirusTotal to investigate the extent to which cybercriminals are weaponizing the Domain Name System (DNS) in an open data project called “COVID-19 Malicious Domain Research Hub.”

Cyber Threat Intelligence in Action: Malicious COVID Footprint Enrichment, Expansion, and Infrastructure Analysis

We have been monitoring COVID-19 cyber threats for several months now. More recently, we partnered with GeoGuard to enrich a dataset of coronavirus-themed URLs and IP addresses with WHOIS data and domain reputation scoring, followed by a passive DNS analysis to enlarge the malicious footprint under study. The three sections in this post discuss the results of our research in greater depth.

Why You Need an IP Netblocks WHOIS Database for IoC Enrichment

Indicators of compromise (IoCs) are anomalous network or computer artifacts such as malware signatures, file hashes, or domains that point to a possible breach. This data is aggregated from multiple external threat feeds and log files from internal applications and systems. The analysis of IoCs is part and parcel of an infosec professional’s daily workload. After all, an organization’s security hinges on its ability to detect and act in a timely manner on IoCs that could lead to full-blown cyber attacks.

Every day, analysts encounter IoCs of varying severity, as reported by their organization’s security orchestration, automation, and response (SOAR) and security information and event management (SIEM) solutions. The problem with such alerts is that some may be associated with old IoCs that are no longer active or are now being used for legitimate purposes.

That explains the need for constant IoC management. By monitoring IoCs in context, security analysts can find out which ones warrant their attention most, as the volume of alerts can easily overwhelm an understaffed security team. But what does “context” mean here? And which sources of data can help provide it?

Among other data feeds, an IP Netblocks WHOIS Database can ease the burden of IoC enrichment activities for analysts. Let’s find out how.

How to Look Up an ARIN IP Address with IP Netblocks WHOIS Database

Why does it matter who’s behind an IP address? Knowing the identity of IP addresses’ owners, whether they are individuals or organizations, helps users determine if they can be trusted or are potential scammers out to commit fraud.

However, that information is not always readily available, nor is it always publicly accessible, for a variety of reasons. So, how can users obtain such data? One resource that may help is an IP Netblocks WHOIS Database. In a nutshell, it lets users know what IP netblock or range an IP address belongs to and who owns it.

Leveraging Cyber Threat Intelligence: Must-Dos for Companies To Prevent Phishing and Other Attacks

While phishing is considered one of the oldest threats in any cyber attacker’s arsenal, it still manages to work. The targeted organization or individual, the social engineering bait, and the manner in which information gets stolen or malware is delivered may change. Still, the motivation often remains the same: to take someone’s details or even identity.

In many phishing scams, cybercriminals opt to create a fake company pretending to offer services that may be hard for users to resist. Such is the case of two confirmed phishing domains we analyze throughout this piece—technoarubacloud[.]com and teichdata[.]at. Any visitor lured to avail themselves of these two fake suppliers’ offerings is likely to be tricked into handing over personally identifiable information (PII) to the criminals behind the bogus sites.

How to Search for a Domain Name: 6 Domain Purchasing Best Practices

Not everyone is truly aware of the ramifications of buying a domain. There are many factors to consider in order to make a good purchase and later avoid undesirable connections to, say, malicious individuals and their networks. So, how could a domain name be dangerous, after all? Those in the cybersecurity industry know that cyber attackers can weaponize a domain name for use against organizations and networks.

This article aims to shed light on why domain buyers, such as those without cybersecurity or marketing know-how, should conduct some research on domains of interest with the help of tools such as WHOIS Lookup, Domain Availability API, or Domain Research Suite.

WHOIS Database Download: A Quick Look at the Newly Launched TLDs

As the Internet continues to grow older, the number of interesting domain names available for use is starting to diminish.

If you have ever tried to register a .com address, you probably felt a little frustrated trying to find a domain that matches your brand. With a meager 22 generic top-level domains (gTLDs) available, the World Wide Web is starting to get a bit crowded. This is the reason why new TLDs such as .tech, .space, .actor, and more have recently been introduced.