You have been redirected from paterva.com. Maltego.com is the new home for all information regarding Maltego products. Read more about this in a message from the Paterva team and in this blog post and FAQ. close
home Transform Hub data categories - Infrastructure & Network Information

WhoisXML API

By Maltego Technologies
Leverage advanced IP and domain data to facilitate cybercrime detection, response, and prevention.
WhoisXML API integration in Maltego
Infrastructure & Network Information Due Diligence Fraud & Abuse

WhoisXML Transforms for Maltego

For over a decade, WhoisXML has been gathering, analyzing, and correlating domain, IP, and DNS data to make the Internet more transparent and secure. They collect and parse the necessary domain data and turn them into understandable and readily consumable intelligence sources. Their unique collection of cyber threat intelligence feeds have proven invaluable in augmenting the capabilities of commercial security platforms (SIEM, SOAR, and TIP) and helping Security Operations Centers (SOCs) & Managed Security Service Providers (MSSPs) achieve superior network visibility.

WhoisXML coverage includes 7+ billion historical WHOIS records across 2864+ TLDs and ccTLDs, 2.3+ billion domains and subdomains, 9.5+ million IP netblocks, 99.5% of IPs in use, and 500 billion historic DNS lookups gathered from over a decade of data aggregation.

Users also benefit from their diverse sets of APIs designed to facilitate cybercrime detection, response, and prevention.

With Maltego Transforms for Whois, investigators gain access to WhoisXML API and leverage advanced IP and Domain Data intelligence in their investigative workflows within Maltego.

Maltego Transforms are available for the following WhoisXML API’s:

  • WHOIS API: Provides the registration details, also known as the WHOIS record data, of a domain name, an IP address, or an email address.
  • Historical Whois API: Track all changes in domain ownership and registration for the past 10 years from a daily-updated database that contains billions of current and historical WHOIS records.
  • Reverse Whois API: Get a list of all the linked domains that contain the identifier such as a domain owner’s name, email address, phone number, postal address, etc.

Benefits

  • Look up the hidden identity of past domain owners and identify the attacker’s historical footprints — before privacy records.
  • Map out attackers’ infrastructure -find all domains, websites, IP addresses, and more details connected to a crime or criminal.
  • Infosec professionals can enhance their solutions and services and protect users against spam, dangerous websites, network infiltrations, and other online misdeeds as well as to investigate third-party risks.
  • Mitigate phishing and other malware-enabled attacks by enabling Digital forensics and incident response (DFIR) and other cybersecurity consultants o provide clients with easy-to-read lists of domains that may have ties to cybercrime, thus allowing them to enhance their cyber defense.
  • Pivot across other disparate data sources available on the Transform Hub and gain a more comprehensive perspective in investigations.
  • Cybersecurity investigators, forensics companies, and Law Enforcement agencies are not the only ones that benefit from the data that WhoisXML API provides. Investors and market researchers can also use WHOIS data to make informed business decisions such as enrich their marketing campaigns, conduct research, uncover market trends, and establish new business opportunities.

Typical Users of This Data

  • Security Operations Centers (SOCs)
  • Managed Security Service Providers (MSSPs)
  • Law enforcement agencies (LEAs)
  • Threat hunters
  • Cyber Forensics Analysts
  • Security Engineers

alt WhoisXML Transforms for Maltego

Pricing & Access

Community Hub

Available for users with Maltego CE.

  • Click-and-Run (CE): Simply install the Hub item on your Maltego Desktop Client and start using it, with a Transform run allowance of 25 (WhoisAPI) and 10 (DRS) Transform runs/month.
  • Free (API Key Required): Sign up for a free API key here.
  • Bring Your Own Key (Purchase Separately): For full solution access, plug in your existing API key or reach out to us using the form below for purchase inquiry.

Commercial Hub

Users with Maltego One have the following access or purchase options:

  • Click-and-Run (Pro): Simply install the Hub item on your Maltego Desktop Client and start using it, with a Transform run allowance of 250 (WhoisAPI) and 250 (DRS) Transform runs/month.
  • Click-and-Run (Enterprise): Simply install the Hub item on your Maltego Desktop Client and start using it, with a Transform run allowance of 500 (WhoisAPI) and 500 (DRS) Transform runs/month.
  • Free (API Key Required): Sign up for a free API key here.
  • Bring Your Own Key (Purchase Separately): For full solution access, plug in your existing API key or reach out to us using the form below for purchase inquiry.

Contact


By clicking on "Send Message", you agree to the processing of the data you entered and you allow us to contact you for the purpose selected in the form. For further information, see our Data Privacy Policy.

About WhoisXML API

WhoisXML is a cyber threat intelligence provider trusted by over 50,000 clients and have been ranked one of Inc. 5000 fastest growing IT companies since 2016. Our customer base includes commercial security platforms (SIEM, SOAR, and TIP), Security Operations Centers (SOCs), Managed Security Service Providers (MSSPs), Fortune 1000 companies, top cybercrime & law enforcement units, government agencies, banks, payment processors, telcos, and brand protection agencies. We also work closely with domain registries/registrars, domain investors/brokers, marketing researchers, big-data warehouses, web analytics firms, investment funds, VC firms, SMBs with a digital footprint, and more.

For more information, visit https://www.whoisxmlapi.com/.

Pick the right product and get started.