Domain Research and Threat Investigation tools

[domain_names]

Here's a compilation of our favorite domain research, monitoring and threat investigation tools and APIs:

Domain Research and Threat Investigation:

Domain Research and Monitoring Suite, a set of domain research tools that includes Domain monitor, brand monitor, registrant monitor, whois search, reverse whois search, etc

All-in-one Domain Research and Monitoring Enterprise API Packages

Individual domain research tools and APIs:
Reverse DNS Lookup, discover all connected domains hosted on the same IP address
Bulk Whois API. provides Whois records in bulk for a large number of domain names or IP addresses.
Domain Availability API, the most accurate domain availability checker offered
Reverse MX Lookup, Reveal all domains that use the same mail server
Reverse NS Lookup, Find all domains that use the same name server
IP Geolocation API, instantly find an IP address' physical geolocation
Reverse Whois, Discover all domain names associated with an individual or an organization.
Email Verification API, Email Address Validation Tool to Verify Existence, Validity, & Quality
Whois API, provides the registration details, also known as the Whois Record, of a domain name or an IP address.

Individual Threat intelligence related tools and APIs:
Domain Reputation scoring, Evaluate a domain's reputation based on numerous security data sources as well as on an instant external configuration audit procedure
Connected Domains API, Retrieve a list of domain names resolving to a given IP address, including subdomains.
Domain Malware check. For a given domain name, check if it is considered to be dangerous in different security data sources. Dangerous domains could be related to a malware distribution network or host a malicious code.
SSL Configuration Analysis. For a given domain name, establish and test SSL connection to the host and analyze how it is configured - to detect common configuration issues potentially leading to vulnerabilities.
SSL Certificates Chain. For a given domain name, get detailed information about its SSL Certificate and the complete SSL Certificates chain.
Domain's Infrastructure Analysis, For a given domain name, get a collection of its web, mail, and name servers as well as its known subdomains. For each infrastructure entry, find out its IP address, geolocation and subnetwork information.

Enjoy!

This was a sponsored post.​

 

[Domainstore]

This certainly look very impressive !
So much tools and protection and domain and whoisanalysestools, etc...
Never seen this before.
Thanks for giving a possiblity for the Suite to use it for free (before eventual buying the stuff). !
WAAAW

 

[saj110]

Oh Wow! That is tons of information on various tools & APIs. Amazing!
Thank You for sharing @domain_names

 

[CakeCode]

Thanks for the post, great collection and info.

Just wondering if there is any tool / site out there to find out

All Existing WEBSITES for a given keyword

Say for example if I type BONVOYAGE , I want to get a list of all existing websites that either have Prefix+Bonvoyage or Bonvoyage+Suffix in the name.

 

[domain_names]

Thanks for the post, great collection and info.

Just wondering if there is any tool / site out there to find out

All Existing WEBSITES for a given keyword

Say for example if I type BONVOYAGE , I want to get a list of all existing websites that either have Prefix+Bonvoyage or Bonvoyage+Suffix in the name.

Yes to get a list of existing websites that matches a given keyword, you can use one of the following services:Reverse Whois Lookup or Reverse Whois API

 

[D Haynes]

Thanks for the post, great collection and info.

Just wondering if there is any tool / site out there to find out

All Existing WEBSITES for a given keyword

Say for example if I type BONVOYAGE , I want to get a list of all existing websites that either have Prefix+Bonvoyage or Bonvoyage+Suffix in the name.

Namedroppers.com or dofo.com maybe?

 

[Name Trader]

Another WOW! Thanks for this. This is going to be very useful going forward. 5 Stars.

 

[JMH]

This is GREAT, thank you!!

a set of domain research tools that includes Domain monitor, brand monitor, registrant monitor, whois search, reverse whois search, etc

I wonder how they are doing registrant monitoring now that much of the public registrant info is redacted due to GDPR.

 

[domain_names]

This is GREAT, thank you!!



I wonder how they are doing registrant monitoring now that much of the public registrant info is redacted due to GDPR.

https://reverse-whois-api.whoisxmlapi.com/ has the option to use historic whois records for search and most whois records don't change much.

 

[Domainstore]

This is GREAT, thank you!!

I wonder how they are doing registrant monitoring now that much of the public registrant info is redacted due to GDPR.

Yes, that is a concern,but I already discoverred that Resellerclub (with reseller like Whiz.in, Alpnames and others) gives the option to opt out privacy or opt out GDPR. (you have to do that for every name).
I already called some of my countries European MP's, to warn them that the regulation has some unwanted and unexpected consequences in a "domain" they didn't exactly think about. Because there's privacy now, but not everybody WANTS privacy, certainly in this domain. The "spirit of the law" is defending privacy of the European citizen, but if they see that it can hurt a lot of companies and people they probably will listen.
But much more will have to be done to convince them in other countries too. (and I have of course still to send the ones in my country on paper and in email what's the exact problem). It are unintended consequences, of this law (theproblem with whois, I mean. That's what we have convince European MP's have to be informed about.

 

[domain_names]

Yes, that is a concern,but I already discoverred that Resellerclub (with reseller like Whiz.in, Alpnames and others) gives the option to opt out privacy or opt out GDPR. (you have to do that for every name).
I already called some of my countries European MP's, to warn them that the regulation has some unwanted and unexpected consequences in a "domain" they didn't exactly think about. Because there's privacy now, but not everybody WANTS privacy, certainly in this domain. The "spirit of the law" is defending privacy of the European citizen, but if they see that it can hurt a lot of companies and people they probably will listen.
But much more will have to be done to convince them in other countries too. (and I have of course still to send the ones in my country on paper and in email what's the exact problem). It are unintended consequences, of this law (theproblem with whois, I mean. That's what we have convince European MP's have to be informed about.

Yes an unintended consequence of GDPR is that it not only decreases domaining transactions, but actually impacts cyber-security in a negative way. Security researchers and law enforcement are no longer able to do their jobs effectively to catch cyber criminals.
here are several blogs on this:

https://krebsonsecurity.com/2018/02/new-eu-privacy-law-may-weaken-security/
https://www.whoisxmlapi.com/blog/unintended-consequences-of-gdpr-on-privacy-and-spam/
https://www.darkreading.com/cloud/g...chant-risk-security-monitoring/a/d-id/1331874

 

[toughdomains]

pricing is a bit high for the volume we do...
https://whoisapi.whoisxmlapi.com/pricing

 

[lock]

I have a load of resources on my site which i use all the time myself. I really like to know who I am dealing with also before I part with my domains or hard earned cash.

 

[Nikhilmehta007]

Looks interesting. Thanks for sharing the tools.

 

[Sam]

Any reason why your whois service is so unreliable recently? my results get <50% return rate. Perhaps removing TLDs that your unable to query?

 

[domain_names]

Sam, can you send our support a detailed email on this, and we'll review the specifics.
thanks!

Here's a compilation of our favorite domain research, monitoring and threat investigation tools and APIs:

Domain

Any reason why your whois service is so unreliable recently? my results get <50% return rate. Perhaps removing TLDs that your unable to query?

Research and Threat Investigation:

Domain Research and Monitoring Suite, a set of domain research tools that includes Domain monitor, brand monitor, registrant monitor, whois search, reverse whois search, etc

All-in-one Domain Research and Monitoring Enterprise API Packages


Individual domain research tools and APIs:
Reverse DNS Lookup, discover all connected domains hosted on the same IP address
Bulk Whois API. provides Whois records in bulk for a large number of domain names or IP addresses.
Domain Availability API, the most accurate domain availability checker offered
Reverse MX Lookup, Reveal all domains that use the same mail server
Reverse NS Lookup, Find all domains that use the same name server
IP Geolocation API, instantly find an IP address' physical geolocation
Reverse Whois, Discover all domain names associated with an individual or an organization.
Email Verification API, Email Address Validation Tool to Verify Existence, Validity, & Quality
Whois API, provides the registration details, also known as the Whois Record, of a domain name or an IP address.

Individual Threat intelligence related tools and APIs:
Domain Reputation scoring, Evaluate a domain's reputation based on numerous security data sources as well as on an instant external configuration audit procedure
Connected Domains API, Retrieve a list of domain names resolving to a given IP address, including subdomains.
Domain Malware check. For a given domain name, check if it is considered to be dangerous in different security data sources. Dangerous domains could be related to a malware distribution network or host a malicious code.
SSL Configuration Analysis. For a given domain name, establish and test SSL connection to the host and analyze how it is configured - to detect common configuration issues potentially leading to vulnerabilities.
SSL Certificates Chain. For a given domain name, get detailed information about its SSL Certificate and the complete SSL Certificates chain.
Domain's Infrastructure Analysis, For a given domain name, get a collection of its web, mail, and name servers as well as its known subdomains. For each infrastructure entry, find out its IP address, geolocation and subnetwork information.

Enjoy!

This is a sponsored post.​

Any reason why your whois service is so unreliable recently? my results get <50% return rate. Perhaps removing TLDs that your unable to query?