Web sleuthing – Part 1 – Domain registration records

Generally, key executive officers and insiders of a publicly-traded company do not register their company’s domain.  They let an IT person or web designer handle the task.  Domain registration records tend to be a reflection of what the lower-level employee thinks who actually owns a particular domain name.

Looking at domain registration records can potentially be a useful tool for detecting frauds.  Insiders may be lying about the ownership of a particular company or subsidiary.  Fraudsters may unintentionally fail to cover their tracks because many people do not realize that domain registration records are public.  The domain registration records may tell a different story than a company’s SEC filings.  That is why I look.

Here are three useful websites to look up domain records:

  1. Who.is
  2. DomainTools.com
  3. WhoisMind.com

The names, organizations, and email addresses often contain clues about who the person registering the domain is, what company they work for, etc. etc.

Some people use privacy protection services to hide their identity.  This is very legitimate as it reduces the amount of spam (email and physical mail) that gets sent to the mailing address and email addresses on record.  If you register your own domain, I would encourage you to protect your privacy because you may not want others knowing where you live.  As well, you probably prefer to receive less spam.

The information on the domain record may also show information for the domain registration or web hosting company.  That information has nothing to do with who owns the domain.

ICANN rules

ICANN is the non-profit organization that helps to keep the Internet running.  In theory, their rules require that the information on a domain registration be accurate.  In practice, webmasters may ignore that set of rules.  Technically, accurate domain registration information can matter if the domain were to be disputed (e.g. somebody claims that their domain was stolen, trademark infringement, etc.).

In practice, I would not assume that the information on a domain registration record is 100% accurate.  It is simply a reflection of what the person administering the domain put in.  This is often an IT person or web designer.  Some IT personnel prefer to administer the domain registration themselves as it gives that person greater control over the domain.  Suppose a company let the freelance web designer (or web design firm) they hired administer the domain.  That party may not be employed by the company directly and could theoretically hold the domain name hostage (e.g. payment disputes) or alter the website.

Some companies allow their web designers to handle all of the website-related tasks for them.  Many web designers will put in the information of the company and/or person hiring them when filling out the domain registration.

The email addresses on a domain registration record are almost always correct.  If somebody wishes to transfer a domain to another owner, an email will be sent to the email address on the domain registration record.  For the transfer to succeed, the recipient must read that email and extract a transfer code from it.  So, they need to put in a functioning email address in the domain registration record.  In practice, some people (like me) screw this up when registering their domains.

Domain History

Who.is and DomainTools.com have tools that allow you to see changes to the domain registration over time.  Try Who.is first because it is free to check.

Domain creation date

This date can be useful to figure as it indicates the earliest date a website could have existed.  It shows how long a website could have been operational.

Reverse email lookup and reverse IP

Various parties keep extensive databases of many domain registration records.  Whoismind.com is free to use though not always complete.  By collecting a very large number of domain registration records, these databases offer the opportunity to figure out all of the domain names registered to a particular email address (or name or IP address).  This can be used to find out many of the websites a particular person has registered.

These are useful tools.  However, I’ve never found anything really exciting with it that I couldn’t find through other means.  Sometimes the other methods are slightly faster.  For Chinese companies, you can simply perform web searches in Chinese for names associated with a particular company.  It is a more effective way of finding other websites associated with a company.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s