WHOIS Parse

swimlane parse whois connector the whois parse connector enables users to query whois databases directly from swimlane turbine, extracting valuable domain registration data for cybersecurity analysis whois parse connector taps into the comprehensive whois database to provide detailed domain registration and availability information it enables users to perform whois lookups for domains and ip addresses directly within the swimlane turbine platform, extracting valuable data without the need for manual queries this integration streamlines the process of gathering domain ownership and registration details, enhancing cyber investigations and enriching security incident data by automating whois data retrieval, security teams can rapidly assess domain legitimacy and track potential cyber threats with greater efficiency prerequisites the whois connector does not require an asset capabilities the swimlane parse whois bundle has the following capabilities parse whois text whois lookup whois lookup by ip actions parse whois text extracts detailed registration data from provided whois text for a specific domain input argument name type required description domain string required parameter for parse whois text text string required parameter for parse whois text input example {"domain" "string","text" "string"} output parameter type description headers array http headers for the request headers file name string http headers for the request headers file string http headers for the request reason string response reason phrase status code number http status code of the response address string output field address whois server string output field whois server registrar string output field registrar raw text string output field raw text city string output field city raw json object output field raw json raw json domain name object name of the resource raw json registrar object output field raw json registrar raw json whois server object output field raw json whois server raw json referral url object url endpoint for the request raw json updated date object date value raw json creation date object date value raw json expiration date object date value raw json name servers object name of the resource raw json status object status value raw json emails object output field raw json emails raw json dnssec object output field raw json dnssec raw json name object name of the resource raw json org object output field raw json org raw json address object output field raw json address output example {"headers" \[],"reason" "ok","status code" 200,"address"\ null,"whois server"\ null,"registrar"\ null,"raw text" "google com","city"\ null,"raw json" {"domain name"\ null,"registrar"\ null,"whois server"\ null,"referral url"\ null,"updated date"\ null,"creation date"\ null,"expiration date"\ null,"name servers"\ null,"status"\ null,"emails"\ null,"dnssec"\ null,"name"\ null,"org"\ null,"address"\ null,"city"\ null},"name servers"\ null,"emails"\ null,"country"\ null,"zipcode"\ null,"name"\ null,"org"\ null} whois lookup perform a whois lookup to retrieve domain registration and availability information a domain name is required as input input argument name type required description domain string required parameter for whois lookup raise boolean optional raise an error if the whois lookup fails input example {"domain" "string","raise"\ true} output parameter type description headers array http headers for the request reason string response reason phrase status code number http status code of the response address object output field address whois server string output field whois server registrar string output field registrar raw text string output field raw text city object output field city raw json object output field raw json raw json domain name string name of the resource raw json registrar string output field raw json registrar raw json whois server string output field raw json whois server raw json referral url object url endpoint for the request raw json updated date string date value raw json creation date string date value raw json expiration date string date value raw json name servers array name of the resource raw json status string status value raw json emails array output field raw json emails raw json dnssec string output field raw json dnssec raw json name object name of the resource raw json org string output field raw json org raw json address object output field raw json address raw json city object output field raw json city raw json state string output field raw json state output example {"headers" \[],"reason" "ok","status code" 200,"address"\ null,"whois server" "whois markmonitor com","registrar" "markmonitor, inc ","raw text" " domain name google com\r\n registry domain id 2138514 domain com vrsn\r\n r ","city"\ null,"raw json" {"domain name" "google com","registrar" "markmonitor, inc ","whois server" "whois markmonitor com","referral url"\ null,"updated date" "2019 09 09t15 39 04z","creation date" "1997 09 15t07 00 00z","expiration date" "2028 09 13t07 00 00z","name s whois lookup by ip perform a whois lookup for a given ipv4 or ipv6 address and parse the retrieved data input argument name type required description ip string required an ipv4 or ipv6 address raise boolean optional raise an error if the whois lookup fails input example {"ip" "107 170 254 17"} output parameter type description headers array http headers for the request headers file name string http headers for the request headers file string http headers for the request reason string response reason phrase status code number http status code of the response nir object output field nir asn registry string output field asn registry asn string output field asn asn cidr string unique identifier asn country code string output field asn country code asn date string date value asn description string output field asn description query string output field query network object output field network network handle string output field network handle network status array status value network remarks array output field network remarks network remarks title string output field network remarks title network remarks description string output field network remarks description network remarks links object output field network remarks links network notices array output field network notices network notices title string output field network notices title network notices description string output field network notices description network notices links object output field network notices links network links array output field network links output example {"headers" \[],"reason" "ok","status code" 200,"nir"\ null,"asn registry" "arin","asn" "14061","asn cidr" "107 170 192 0/18","asn country code" "us","asn date" "2013 12 30","asn description" "digitalocean asn, us","query" "107 170 254 17","network" {"handle" "net 107 170 0 0 1","status" \["active"],"remarks" \[{}],"notices" \[{},{},{}],"links" \["https //rdap arin net/registry/ip/107 170 0 0","https //whois arin net/rest/net/net 107 170 0 0 1"],"events" \[{},{}],"raw"\ null,"start address" "107 170 0 0" response headers header description example content type the media type of the resource application/json date the date and time at which the message was originated thu, 01 jan 2024 00 00 00 gmt