Identify who is hosting a particular domain
name or website.
A domain has a number of records associated with it, a DNS server can be queried to determine the IP address of the primary domain (A record), mail servers (MX records), DNS servers (NS nameservers) and other items such as SPF records (TXT records). This is a REST API to perform DNS queries via simple HTTP requests, receiving your results back as JSON/XML-encoded objects.
- Displays the DNS information critical for identifying who is hosting a particular domain name or website.
- To Determine the Mail Servers for Particular Domain You might use this API to find out what server(s) accept email for a specific domain (by doing an MX record lookup).
- Determine the IP address of the primary domain (A record), mail servers (MX records), DNS servers (name servers) and other items such as SPF records (TXT records).
- To Determine Whether the Domain Restricts Who Can Send email You might use this API to determine the SPF record for a domain (by looking up the TXT record for the domain), to see if the domain tries to restrict who can send email using the domain.
Cyber security use cases
- Important in detecting or dealing with cybercrime or network security issues.
- To prevent spam attacks from a particular web server or IP address. When your site is attacked by spam repeatedly, it is possible to obtain the IP address(es) of the attackers and then use a reverse DNS lookup tool to obtain site registration information of that IP address.
- Security penetration testers and researchers will use information collected from DNS to expand their knowledge of an organizations information technology infrastructure and from that knowledge begin to understand the attack surface.
- Even more violent than spam is the dreaded DDoS attack, which is basically a security attack on your web site from dozens or even hundreds of IP address simultaneously. You notice an unusual amount of traffic suddenly, then you may want to conduct a reverse DNS lookup and get to the root of it before it becomes a problem, especially if the traffic is originating from a group of similar IP addresses.
Enterprise API Package
API access through WhoisXMLAPI can be purchased as an annual subscription. The access pricing is based on the number of queries, which is measured monthly with per-minute rate limits. The pricing structure gives predictability to business planning and solution architecture.Learn more