WHOXY is a free WHOIS record search tool that, unlike many other WHOIS tools, has in the free version features such as a WHOIS history record that allows you to view a record of old versions of almost any domain. It also allows reverse WHOIS lookup with an email address or name.
When analyzing any domain such as “osintguardian.org” what appears is real-time information from the WHOIS record, which is common in this type of tools so this does not differentiate it from other conventional WHOIS tools. What makes it different are other free functions such as the possibility of performing reverse searches with email addresses and a database with WHOIS history records.
In the WHOIS history provided by WHOXY there are 2 records that do not tell very useful information besides we use cloudflare servers as DNS and the WHOIS privacy provider is PrivacyGuardian. Knowing the WHOIS history of a domain is useful when it has had privacy leaks in the past. An example of a useful use of this function is in the investigation into how pedo networks used Chaturbate’s affiliate program.
when we researched the founders and current owners of Chaturbate we discovered that they previously operated a company called “Web Entertainment Group, Inc” where they founded “wegcash.com” which was the predecessor of the current Chaturbate affiliate program.
In this investigation, one of the services used to analyze the WHOIS history of different domains linked to these people was WHOXY. In the early 2000s, there were almost no privacy services in WHOIS, so knowing who was really behind these domains was easy when using WHOXY.
WHOXY also has a very cheap API that can be used by third-party services, companies, other tools and scripts. An example of a good use of the API is OSINT Industries which we also used in the research we carried out. For example, OSINT Industries is useful because it is a massive SOCMINT scan.
To test the API there is a very useful repository on GitHub developed in Go that is easy to use in the console with different commands, these types of processes are not for normal users. It is for people looking to speed up the process of searching for WHOIS records.
Maybe in the future we will do an article on how to use the API, this depends on whether we receive many emails in our inbox from people interested in knowing how it works and how to use the WHOXY API. although knowing this is not necessary for normal users who wish to perform a WHOIS analysis.
