WHOIS
Last updated
Was this helpful?
Last updated
Was this helpful?
WHOIS is a tooling integration. Tooling Data Source integrations are used during investigations to improve analysis and in interactive chat to help answer questions. They are optional, but enabling more tooling integrations enhances Dropzone analysis.
Dropzone AI platform supports WHOIS, which queries domain registrations information. Useful information that may be cleaned via WHOIS includes:
Domain Ownership Information
Retrieve details about the registered owner of a domain
Registration Dates
Access creation dates, often indicative of 'new' domains, more likely to be used in attacks
Contact Information
Get administrative, technical, and registrant contact details
The WHOIS Data Source integration does not require any API keys or credentials.
To enable the Data Source integration, do the following:
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.ai
Click System > Integrations
Click "Provided"
In the Search bar, search WHOIS, then click the kebab on the right
Click "Enable data source" to enable
If you have any errors engage your Dropzone AI support representative.
