Dossier Threat Indicators

The Dossier™ (Legacy) threat indicator research tool offers the following features. Using the Dossier (Legacy) toolset, users may make accurate decisions more quickly and with greater confidence based on the contextual information obtained from a dozen sources simultaneously.

  • Alexa
    Alexa is a global pioneer in the world of analytical insight. Their vast experience means they have developed the most robust and accurate web analytics service. Search results from Alexa provide a ranking from the global Top 1,000,000 Sites list.
  • BloxOne
    BloxOne is Infoblox’s flagship data collection. Queries are executed against all data within BloxOne and data provider subscriptions.
  • DNS Lookup
    Search results from DNS Lookup provide all the available information about a given hostname from DNS nameservers.
  • Global Custom Search
    Global Custom Search, or GCS, searches anti-virus analysis pages, malware analysis blogs and other related malware/RCE websites. Global Custom Search is a platform provided by Bing that allows web developers to feature specialized information in web searches, refine and categorize queries and create customized search engines.
  • Geolocation
    The geolocation tool plots the identified coordinates on a map, providing city-level accuracy. Other information, including ISP, city, region, lat/long, and country, is also included.
  • Google Web Risk (GWR)
    Google Web Risk (GWR), formerly Google Safe Browsing, is a Google service that enables applications to check URLs against Google’s constantly updated lists of suspected phishing, malware, and unwanted software pages.
  • Passive DNS
    Passive DNS is the historical DNS record for hostnames. When searching a hostname, Passive DNS will return all IPs that the hostname has resolved to and that were caught by the PDNS sensors in the previous 12 months. When searching an IP, Passive DNS will return all hostnames that have pointed to that IP. Note: Not every DNS change is caught, so there will be missing information.
  • Reverse DNS
    The Reverse DNS tool performs a reverse DNS lookup of an IP address by searching domain name registry and registrar tables.
  • Reverse Whois
    DomainTools’ Reverse Whois lookup API allows a lookup in Whois records that contain a string. This is typically used for identifying information like an email address or name. The results can reveal related, registered domains.
  • Secure Domain Foundation
    Secure Domain Foundation is a Canadian-incorporated not-for-profit organization whose primary mission is to provide Domain Name Registrars, registries (ccTLD & gTLD), hosting providers, DNS operators, and other Internet infrastructure providers with the tools they need to combat abuse of their services and a forum for sharing intelligence on bad actors. This version of SDF’s API is designed specifically to help domain registries, registrars, and hosting providers easily obtain validation and reputation information on certain account- or Whois-related data points.
  • Whois
    DomainTools’ Whois lookup API provides the ownership record for a domain name or IP address with basic registration details, all in a well-structured format that groups together important data.