• Unlock Free Access to Threat Intelligence Training Now!
  • Get Started
SecurityTrails Blog · Oct 31 · by Sara Jelen

Ripped from the Headlines: Discovered Link Between Jacob Wohl and Surefire Intelligence

Reading time: 7 minutes

SecurityTrails data can be leveraged for many uses, ranging from helping security researchers and companies defend against future attacks with up-to-date data to helping non-technical users discover valuable information about the legitimacy of companies and their domains.

Thanks to the magnitude of valuable and easily comprehensible data we offer, SecurityTrails has found itself in the middle of a rapidly expanding controversy. We'll shed a light on details surrounding this situation while providing background information and exploring how easy it is to research companies and their public information by using SecurityTrails free features.

The controversy we found ourselves in has given us the idea to follow breaking news stories and important events that are covered by the biggest media outlets so we can do our own investigation, going deeper into the data that is mostly overlooked when covering these stories.

What happens below the surface of the biggest news stories can be uncovered by utilizing our tools which allow us, and you, to investigate domains, IPs and any trails left behind by the actors in such events.

The entire idea is to follow along with the news and stand objectively in contrast to the strong media bias we are all aware off and show people valuable information we can get from investigating domains tied to the headline events.

DNS History doesn't lie, and you can have the first row ticket to see how everything unravels and gives you a much clearer understanding of news stories and legitimacy of facts presented.

We will go deeper into the analysis and show you level of detail in our data and the granularity in which we are monitoring it. You will see how exactly we obtained that data and how you can do the same with SecurityTrails tools!

DNS History doesn't lie, and you can have the first row ticket to see how everything unravels and gives you a much clearer understanding of news stories and legitimacy of facts presented.

First blog post in the series Ripped from the Headlines will feature a scandal revolving around a woman claiming she was offered money to claim sexual misconduct against a Special Counsel, a shady company and its link to Christoph Waltz (well, kind of). And don't worry, we have all the receipts.

Let's begin.

Robert Mueller Smear Campaign

The scandal we're referring to is involving Robert Mueller, Special Counsel overseeing the Russia probe, who has asked the FBI to investigate reports of a woman being offered money to claim she was sexually assaulted by him. The woman has reached out to several news outlets by email, claiming that a man who represented himself as Bill Christensen, working with Republican lobbyist Jack Burkman, offered her money to make accusations of sexual misconduct against Mueller.

When reporters made inquiries to Bill Christensen it was discovered that he worked for Surefire Intelligence. We'll come back to Surefire Intelligence later, after a more detailed look at the scope of the issue that has arisen.

Bill Christensen profile

Jack Burkman, with whom Bill Christensen claims to work, has already made several attempts to gain publicity — with false sexual allegations against other people during the MeToo movement's rise in 2017, along with his dabbling in internet conspiracy theories about the death of Democratic National Committee staffer Seth Rich.

Burkman even tweeted that he would announce to the media the identity of Mueller's alleged victim: https://twitter.com/Jack_Burkman/status/1057304918745333760/photo/1

Jck Burkman's tweet

Ed and Brian Krassenstein, brothers who have become very popular among the internet's anti-Trump movement, have also been approached by the same woman. After starting up an investigation on their own, they received threatening messages urging them to stop the investigation.

Surefire Intelligence

While investigating these claims made against Burkman, it was discovered that he allegedly hired Michael Cohen, a managing partner at a private investigations company Surefire Intelligence. After this, Jacob Wohl, a friend of Burkman and Twitter right-wing activist, posted the following tweet: https://twitter.com/JacobAWohl/status/1057133133861085184

Jacob Wohl tweet

And what about Surefire Intelligence?

Well, the entire company has a veil of secrecy around it. First, there were deleted Craigslist ads that promoted the company as offering services from private spies and ethical hackers.

Then, once you hop onto the company's LinkedIn account, almost all of its alleged employees have fake images on their profiles (the financial investigator is actor Christoph Waltz).

Simon Frick profile with Christoph Waltz pic

When the media contacted the phone number listed on Surefire's website, the call went to voicemail — and provided another number that is, in fact, listed as belonging to Wohl's mother.

Wohl himself tweeted this: https://twitter.com/JacobAWohl/status/1057345698381721600

Another Jacob Wohl tweet

And the Internet was not having any of it.

Internet reacts

Now, it's rumored that Michael Cohen, hired to do the investigation regarding Mueller, is in fact — Jacob Wohl.

How do we know this?

Our amazing users have used SecurityTrails Historical DNS records to dig up dirt on Surefire Intelligence and Jacob Wohl.

Historical DNS records

Using SecurityTrails Historical DNS data, users were able to search Surefire Intelligence and determine that Jacob Wohl changed the SOA record two days ago, removing his email from the record. It seems that Jacob Wohl, the internet celebrity himself, isn't aware that the Internet never forgets.

With our daily updates in all DNS Historical data, you're able to follow changes as they happen, and with that, notice any anomalies that may occur.

You can always check this information on your own and this is how:

First, go to [securitytrails.com][securitytrails] and on the Home Page, in the Search Bar, just type in your desired target, whether it's a domain, IP, or hostname (in this case, we typed in surefireintelligence, and chose it from the drop down menu).

SecurityTrails search

After this, you will be led to a page showing all current DNS records.

Search results

Here, you can find current information about all the records belonging to the domain you have searched, but in this case, the true treasure trove lies in the historical records. In your left corner you will see the Historical Data option, so just click there, and voila!

Historical DNS records

In the historical data you can see all the changes that were made on the records and timestamp that changes whenever someone updates their domain. In this case, the SOA records where the ones holding all the secrets.

SOA records are the ones that provide us with the information on name of the server that contributed the data for the zone, the administrator of the zone among other things. This is where our users discovered the lies Jacob Wohl and Jack Burkman were trying to serve to the public, but they were not very good in covering all their trails. The link between Jacob Wohl and the shady Surefile Intelligence company is clear and what will come from all of these findings is on the FBI and investigation that is happening at the moment.


The Internet is on fire with this newfound information linking Jacob Wohl to Surefire Intelligence and the smear campaign he tried to launch with Jack Burkman against Robert Mueller.

Critical thinking and verified facts never go out of style.

We've yet to see what will become of all this, but we urge everyone to do their own research before jumping on any bandwagon and public outrage, and this research is easily performed by using SecurityTrails API.

We will keep covering the stories that are ripped from the headlines, keeping you in the scoop with all relevant data related to the biggest news outbreaks and showing you ways in which you can do the research on your own. Critical thinking and verified facts never go out of style.

Visit SecurityTrails and gather for yourself all the information we have on Surefire Intelligence or any other company, domain, or IP address you want to investigate. Sign up for your API key and discover the world's largest data of historical DNS records.

Sara Jelen Blog Author

Sara believes the human element is often at the core of all cybersecurity issues. It’s this perspective that brings a refreshing voice to the SecurityTrails team. Her ability to bridge cognitive/social motivators and how they impact the cybersecurity industry is always enlightening.

Subscribe to the SecurityTrails newsletter
Sign up for our newsletter today!

Get the best cybersec research, news, tools,
and interviews with industry leaders