Blog & How To Guides | WhoisXML API



Domain Research Suite Blog

Finding Traces of Business and CEO Impersonators: A DIY DRS Guide to Business and CEO Impersonation Vector Identification

Business and Chief Executive Officer (CEO) impersonation have become a multibillion-dollar industry. They are, in fact, two of the most common types of phishing employed today.

In this edition of our DIY investigation guide, we will demonstrate how companies and their security teams can detect potential business and CEO impersonation scam vectors in the DNS using the Domain Research Suite (DRS) search and monitoring tools.

Steering Clear of Fake VPN Services: A DIY DRS Guide to Threat Discovery

Distributing fake virtual private network (VPN) services is no longer a novel cybercrime concept. They have, in fact, likely been around since the service’s usage gained ubiquity in the 2000s.

Staying One Step Ahead of BEC Scams: A DIY DRS Guide to Threat Discovery

Business email compromise (BEC) scams cost organizations billions of dollars annually, making them a lucrative business for threat actors. BEC campaigns commonly spoof target companies and reputable email and electronic document service providers.

In this edition of our DIY investigation guide, we will demonstrate how companies and their security teams can detect potential BEC scam vehicles in the DNS using the Domain Research Suite (DRS) search and monitoring tools.

Investigating EHR Software Impersonation: A DIY DRS Guide to Threat Discovery

Several ransomware families have been seen targeting healthcare organizations in the past few years, adding to the challenges faced by the healthcare sector. Phishing is a favored initial access vector, where threat actors commonly utilize domain names. This edition of our DIY investigation guide will demonstrate how healthcare security teams and organizations can retrieve and monitor cybersquatting domains using Domain Research Suite (DRS) search and monitoring tools.

How to Trace a Privately Registered Domain’s Owner by Using a WHOIS History Lookup Tool

With a myriad of free, readily available tools online, it’s not so difficult to find out if someone else already owns a domain you’re eyeing or if that domain is available for purchase or registration. But that’s where most tools stop. Sometimes, more details, such as a domain’s ownership history, including current and past registrants’ names and contact details, are hidden since most domain owners opt for privacy protection.

ChatGPT-Themed Phishing? Here’s a DIY DRS Guide to IoC Expansion and Threat Discovery

Despite being newly launched, ChatGPT has taken the world by storm. The business community is generally thrilled at what the AI chatbot can do, and threat actors are riding the wave. Phishers have been spoofing ChatGPT to lure people into handing over their credit card information and other sensitive data.

This edition of our DIY investigation guide will demonstrate how organizations can lessen the risks ChatGPT-themed threats pose using different Domain Research Suite (DRS) search and monitoring tools.

How to Retrieve Domain WHOIS History Data After Redaction

WHOIS information is indispensable for any cybersecurity researcher. It is an essential resource for tracking down registration owners for a variety of reasons that range from settling trademark and cybersquatting disputes to configuring websites. With WHOIS records, a security analyst or website administrator can quickly get in touch with a registrant owner to resolve or file a dispute, transfer a domain with ease, or set up a valid Secure Sockets Layer (SSL) certificate.

Exploring a Zoom-Targeted Campaign: A DIY Domain Research Suite (DRS) Guide to Threat Investigation

Popular software products and applications are often prime targets of cyber attacks—Zoom being one of them. With about 300 million users, Zoom has been repeatedly targeted by malware distribution campaigns, phishing attacks, and other threats. This edition of our DIY investigation guide will look into one of the most recent Zoom attacks, where malicious actors distributed IcedID malware through the video communication platform. Our demonstration used different Domain Research Suite (DRS) search and monitoring tools.

Chasing Ducktail Info Stealer: A DIY Domain Research Suite (DRS) Guide to Threat Hunting

An info stealer dubbed “Ducktail” was observed targeting Facebook business accounts, particularly those using Meta’s ad platform. This edition of our DIY investigation guide will demonstrate how to investigate and build on the Ducktail IoCs for more proactive threat hunting and cybersecurity defense using different Domain Research Suite (DRS) search and monitoring tools.

How to Conduct Regulatory Due Diligence with Domain Intelligence: DIY Domain Research Suite (DRS) Guide

Businesses worldwide must follow certain regulations typically defined by different government agencies and international organizations. Otherwise, they may face legal issues and, notably, monetary fines.

DNS intelligence can help businesses conduct regulatory due diligence through domain research and monitoring techniques. How? We’ll take you through the process using the Domain Research Suite (DRS) and information provided by the Office of Foreign Assets Control (OFAC), so you can also perform the same screening for your company.

Unmasking Fraudsters—DIY Domain Research Suite (DRS) Guide

Posing as legitimate customer-facing organizations is a significant contributor to the success of fraudulent campaigns. In this edition of our DIY investigation guides, we will take you through the process of investigating possible vehicles for fraud targeting the financial sector using different Domain Research Suite (DRS) search and monitoring tools.

BazarCall IoC Expansion—DIY Domain Research Suite (DRS) Guide

We took a deep dive into published indicators of compromise (IoCs) for a recently upgraded BazarCall campaign, leading us to more than 7,000 possible vehicles for similar callback phishing attacks.

We’ll take you through the IoC expansion process using various domain search and monitoring tools within the Domain Research Suite (DRS), so you can also perform a similar threat expansion on your own. The IoCs used as examples in this post were taken from this report.

Registrant Monitor Web Tool Tutorial


This tool allows you to monitor domain registrations, updates, renewals or expirations made by registrants according to search criteria.

Reverse WHOIS Search Web Tool Tutorial


Reverse WHOIS Search allows you to obtain a list of domains containing a specific search term (registrant's name, email address, phone number) in their current or historical WHOIS records. This tutorial teaches you:

Track Down a Serial Counterfeiter—DIY Domain Research Suite (DRS) Guide

We investigated 360+ cybersquatting domains targeting Gucci added in the second half of the year (1 July–10 October 2022), leading us to an active counterfeiter targeting multiple fashion brands.

We’ll take you through the process using a variety of domain search and monitoring tools within the Domain Research Suite (DRS), so you can also do it for your brand.

WHOIS History Search Web Tool Tutorial


WHOIS History Search allows you to view the ownership history of a domain. Here’s a tutorial on using the tool.

Brand Monitor Web Tool Tutorial


Brand Monitor allows you to track any keywords associated with your brand, trademark, or product. It tracks newly registered/modified and also recently expired domains containing all the Include terms and none of the Exclude terms in their domain name.

Reverse DNS Search Web Tool Tutorial


Reverse DNS Search allows you to retrieve domain name properties connected by DNS records. For instance, you can find web properties all hosted on a given IP address or using the same nameserver and mail server.

WHOIS Search Web Tool Tutorial


WHOIS Search allows you to retrieve a given domain name’s ownership, administrative, and technical information, among other details. From there, you can verify the legitimacy of a domain or pivot off certain WHOIS records to uncover current and historical connections. We’ll demonstrate how you can use WHOIS Search below.

Domain Availability Check Web Tool Tutorial


Domain Availability Check allows you to verify the availability of a domain for registration. All you have to do is type the domain name into the search field and click Check.

Domain Monitor Web Tool Tutorial


Domain Monitor allows you to monitor changes in the selected domain WHOIS records and track both existing and not yet registered domains.

Domains & Subdomains Discovery Web Tool Tutorial


Domains & Subdomains Discovery Lookup allows you to identify all domains and subdomains that contain all the Include terms and none of the Exclude terms. You can discover domains only, subdomains only, or both. Also, you can specify where the search term should be placed in the domain name: start with, end with, contains, contains the word, to narrow down the results according to your needs.

The Domain Research Suite (DRS) Guide for Journalistic and Media Research

As an aggregator of WHOIS, DNS, and IP data, WhoisXML API can help back up journalistic investigations with verifiable online facts about domains and websites. Researchers and media professionals can use our 9-in-1 hosted Domain Research Suite (DRS) platform to investigate suspicious domains, detect domain registration trends, keep track of the government’s or private sector’s actions towards errant websites, and more.

13 Ways to Increase Brand Reputation and Protect It


When talking about brand reputation, one of the first things that come to mind is reviews. What are customers saying about your product or service? While that is true, there is more to a brand’s reputation than racking up positive reviews. We delved deeper into brand reputation in this post and provided some actionable tips and valuable tools to manage it effectively.

The Ultimate Guide to Branding in 2021

If you run a business, there's never been a better time to stand out from the crowd. Still, to make sure you're at the forefront of your industry, you'll need to learn how to take a brand from concept through to execution. This guide provides the latest information you need to get your company noticed and create an identity that lasts.

DRS Video Tutorial #1 — A Brief Overview

Check out this explanatory video looking at a series of examples and DRS queries for security and other purposes.

Reverse WHOIS in action: find all domains or websites of a company, and more


See Reverse WHOIS Search in action by searching for all the domains a company owns or controls. We will use the web-based Reverse WHOIS Search tool. An alternative would be to use Reverse WHOIS API, a RESTful solution that has the same capabilities.

We picked a popular brand, the Eastman Kodak Company, as an example for our investigation, although the tool works for any company you may be interested in. If you are a domainer, a marketer, a legal investigator, an IT security expert, or anyone interested in or working with Internet domains, you are in the right place. We’ll present a Swiss Army knife designed to fit your every need.
