Digging Up Zombie Domains with WHOIS History | WhoisXML API

Threat Reports

Digging Up Zombie Domains: What WHOIS History Reveals about 3,800+ Verified Phishing Hosts

As phishing remains an imminent attack vector leading to costly and damaging campaigns, WhoisXML API researchers dug up the WHOIS history of 3,800+ domain names and subdomains associated with verified phishing URLs. We present our key findings and analyses in a white paper and associated threat research materials covering:

  • A deep dive into the phishing hosts’ historical WHOIS records to see how deep the domains’ history is and spot significant changes in WHOIS records
  • An analysis determining the hundreds of phishing domains that are now available again for registration despite their malicious past
  • Tracing the breadcrumbs uncovered by WHOIS history, including 1,400+ unique registrant email addresses, which led to almost 5,000 additional connected domains

Download the white paper and research materials containing the data now.

Try our WhoisXML API for free
Get started