Phone number OSINT for security teams. Carrier lookup, SIM swap risk, breach exposure, and open-source intelligence — from a single query.
Already have an account? Sign in
CARRIER · EXPOSURE · OPEN SOURCE
Carrier, line type, VoIP detection, and SIM swap risk. Any number, worldwide.
Get a composite risk score across presence, data breach exposure, and content signals — broken down by category.
Up to 40 open-source results per lookup — social links, public records, directory hits.
WHO USES DEFENCECORE
Investigate smishing and vishing numbers during incident response. Classify VoIP vs. mobile, assess SIM swap risk, and document findings in one report.
Verify phone numbers at signup. Score risk and detect burner and VoIP numbers before they become chargebacks.
Reverse phone lookup for investigators — carrier data, breach exposure, and open-source results in a single report.
Map the phone attack surface during authorized engagements. Check line types and exposure before a social-engineering assessment.
New to the discipline? Read our phone number OSINT guides on reverse phone lookup and investigation workflows.
THREE STEPS
Paste or type any phone number. We support all international formats.
DefenceCore queries carrier APIs, breach databases, and web sources in seconds.
Read the full breakdown — metadata, exposure score, and OSINT results — all in one view.
NO HIDDEN FEES · CANCEL ANYTIME
20 lookups per day, full reports, lookup history.
cancel anytime
No subscription — pay once, use anytime.
one-time · no recurring charge
Professional use only. Intent screening at signup. OSINT for defenders.
PHONE NUMBER OSINT, EXPLAINED
Phone number OSINT is the practice of gathering open-source intelligence about a phone number — carrier, line type, breach exposure, and publicly available accounts linked to it. Security teams use it to investigate smishing, vishing, and fraud without touching private carrier systems. DefenceCore runs the full phone number OSINT workflow from a single lookup.
An HLR lookup queries the Home Location Register — the carrier database that tracks a mobile number’s network status — to confirm a number is active, identify its current carrier, and detect porting. Investigators use HLR and carrier lookups to verify a number is real and reachable before acting on it.
Run a carrier lookup that returns the line type: mobile, landline, or VoIP. VoIP and prepaid numbers are the most common choice for smishing, scam calls, and fake signups, so line type is the first filter fraud analysts apply. DefenceCore includes VoIP detection in every lookup.
SIM swap risk is the likelihood that a phone number has recently been moved to a new SIM or carrier — a key signal in account-takeover fraud. It is detected through carrier-level signals such as recent porting or SIM change activity. DefenceCore returns a SIM swap risk signal with every lookup.
Run the number through a tool that correlates it against known breach datasets. DefenceCore scores breach exposure as part of its composite exposure score, showing whether a number appears in known breach data and how exposed it is overall. Checking your own number is a fast way to assess your attack surface.
No. DefenceCore is built for security, fraud, and investigation teams — not for looking up individuals out of curiosity. Signups are intent-screened, and every feature is framed around defense: investigating suspicious numbers, scoring fraud risk, and auditing your own exposure.
Twilio Lookup and free carrier checkers return carrier and line type, and little else. DefenceCore combines carrier and HLR data, VoIP detection, SIM swap risk, caller ID resolution, breach exposure scoring, and up to 40 open-source results in one report. One lookup replaces the stack of tools analysts otherwise stitch together during an investigation.