41
Many times you’ll want to know who is behind a domain. This used to be relatively easy to find out in the past: when a person bought a domain, their name was put into a “registry,” which is sort of like the “phonebook of domains.” (Yes, I know: many of you are probably now asking what a “phonebook” is…)
Back then, to find out who owned a domain, you’d just go and look it up, using a service called WHOIS.
Unfortunately, things got more complicated. People who had their email addresses and names in the “domain phonebook” would get spam email, or the information displayed on the registry would be used to try to hack their site. And many people–for example, political dissidents–had good reason to not reveal their names. So, a lot of the “registrars” (the people who you buy your domain name from) started offering masking services, which hide the owner of the domain.
Nowadays, if you want to find out who owns a domain, WHOIS-type services are a good first stop, even though they will usually fail for smaller sites.
To look up domain ownership, we recommend a tool called Domain Dossier. Go to the site and type in your root URL and check all the checkboxes:
When the identity is not masked, you’ll be able to see the owner of the domain. The first place to look is “Registrant Name” and “Registrant Organization”:
Occasionally, you may not get a useful name from the record, but the address might be telling.
If the name is masked in Domain Dossier, you’ll get a record that looks like this:
You may also see the name of a masking service, such as “Domains by Proxy”:
In this case, the registrant is not from Arizona and not named “Domains by Proxy”–that is just the masking service.
Again, it’s important to note that masking is common enough these days that it shouldn’t cause suspicion.
While domain owners can hide their names, they cannot hide the date the domain was registered. As we’ll discuss in another chapter, this is often useful information. By looking at the domain registration date, you can often get a sense of whether a site has a long history behind it or if it has been spun up for a specific purpose.