Product Overview of DomainTools
DomainTools is a comprehensive web-based threat intelligence and domain research platform designed to support a wide range of activities including cybercrime investigation, online fraud detection, brand protection, and incident response. Here’s an overview of what the product does and its key features:
Core Functionality
- Domain Name Registration and Whois Records: DomainTools provides access to an extensive database of domain name registration records, including Whois data, hosting information, and DNS records. This database spans over 12 years of historical data, making it a valuable resource for tracking domain ownership and changes over time.
Key Features
- Detailed Domain Profiles: The platform offers detailed profiles of domains, including summaries of key data from Whois records and other sources. This includes raw Whois records, domain registration status in various TLDs, and historical Whois records.
- Monitoring Tools: DomainTools includes several monitoring tools such as Domain Monitor, Registrant Monitor, IP Monitor, and Name Server Monitor. These tools alert users to changes in domain status, registrant email activities, IP address hosting, and name server assignments.
- Reverse Lookup Capabilities: Users can perform reverse Whois, reverse IP, and reverse name server lookups to identify other domains associated with a specific registrant email, IP address, or name server.
- Hosting History: The platform provides historical information about the IP addresses associated with a domain, offering insights into past hosting activities.
- Iris Detect: This feature is designed to uncover newly registered lookalike domains within minutes of their registration. It enables ongoing monitoring, alerts, and risk assessment, helping users stay ahead of phishing and other malicious activities.
- PhishEye: This solution allows managers to receive notifications about new domain registrations, view detailed information about each domain, and export domain/IP blocklists in CSV format. It is particularly useful for phishing detection and management.
- API Access: DomainTools offers a robust API that provides scalable and flexible access to its domain intelligence data. The API supports various query volumes and is designed for security investigations, incident response, and integrating domain data into other systems. It includes products like Whois History, Reverse Whois, and Domain Search APIs.
Use Cases
- Cybersecurity and Threat Intelligence: Security analysts use DomainTools to investigate cybercrimes, protect assets, and monitor online activities. The platform helps in identifying threats, streamlining investigations, and predicting risk levels associated with various domains.
- Brand Protection: Companies can use DomainTools to monitor and protect their brand by tracking infringing domains and lookalike domains that could be used for phishing or other malicious activities.
- Incident Response: The platform is invaluable for incident response teams, providing quick access to historical and current domain data to help in responding to and mitigating cyber threats.
Pricing and Accessibility
DomainTools offers a competitive pricing model with monthly data plans, similar to cell phone data plans, ensuring predictable costs. The starting price is around $99 per month, and users can contact the company for a full pricing sheet and to inquire about free trials or other packages.
In summary, DomainTools is a powerful tool for anyone involved in domain research, cybersecurity, brand protection, and incident response. Its extensive database, advanced monitoring tools, and robust API make it an essential resource for staying ahead of cyber threats and managing online risks.