API Concepts Manage API Key
Internet Data
DNSIQ® WHOISIQ™ SSL Certificates Blacklist Lookup Host Attributes
Attack Analytics
Newly Observed Domains Newly Observed Hosts Malware Phishing Scam Content
Digital Footprint
Global Inventory API Global Inventory Schema
Coming Soon
Additional Resources
PassiveTotal API Workspace Management API


Welcome to the RiskIQ Security Intelligence Services interactive website. From here you can explore our APIs, no sign-up or account required.

Each of our security intelligence services has its own webpage (see the left-hand menu for navigation) with documentation on how the dataset can be used, what the data actually looks like, and how you can programmatically interact with our APIs. Using our online API explorer, you can make real API calls and see real results.

API Keys and Authentication

Usage of these APIs beyond the free-tier access provided on this webpage requires an API Key from RiskIQ. Once you have one, you can configure this website to use it by setting the API Key and API Secret in the API Key section of the webpage menu.

To make production API calls, you will need to include an Authorization header with the value "Basic $ENCODED_KEY$" where the value of $ENCODED_KEY$ is the base-64 encoded concatenation of your api key, a colon, and your api secret. The following shell script shows how one might do this:

ENCODED_API_KEY=$(echo -n "$API_KEY:$API_SECRET" | base64)
curl -H "Authorization: Basic $ENCODED_API_KEY" 'https://api.riskiq.net/v0/whois/riskiq.net'

Rate Limits

API Calls made through this webpage are significantly rate-limited. Once you've registered, we will provide you with an API key that you can use for expanded access to the data sets available here.

URL Parameters

Please ensure all parameters are properly URL encoded.

Date Format and Time Zones

Except where otherwise noted, all dates are in ISO 8601 format, and all time zones are Pacific.

What is the difference between RiskIQ Security Intelligence Services and PassiveTotal?

We believe that these solutions are complementary. Security Intelligence Services provides direct, high volume access to RiskIQ data, allowing mature customers the ability to use this data to defend against threats to their environment. PassiveTotal provides RiskIQ customers the ability to investigate threat to their environment through a rich user interface; broad access to aggregated, curated, and interconnected data from both RiskIQ and partner sources; the ability to seamlessly pivot through these data sets; and robust integrations with third party security providers, bringing the PassiveTotal experience to security tools already deployed within your environment.