Official ownership records are valuable and can often tell interesting tales about the goods–physical or digital–that they cover. However, ownership records only go so far, as anyone who has used a commercial vehicle history report knows! Getting beyond the basics of registration data can make a world of difference for prospective buyers, and several firms have made a lucrative business out of providing detailed histories of cars and light trucks.
Internet domains are no different. It’s a safe bet that almost anyone reading this is very well-versed with Whois (which used to be spelled WHOIS, in the stilted English of protocol names back in the day). That familiar Courier-font blob of domain registration information is key to all kinds of activities, from domain investment and management, to brand management, to cybercrime investigation. The vast majority of investigations at DomainTools begin with a Whois lookup.
As useful as this information is, however, there is much more that can be learned about a domain by going beyond the data in the Whois record itself, so we’re going to spend some time looking at what’s *not* in the Whois records.
Here at DomainTools, we’ve been collecting and presenting such additional data for years, and the extra information forms a large part of the structure and experience of our Whois lookup results. We call this combination of Whois registration data and additional domain information the Domain Profile (though that name is not explicitly shown on the Whois results page).
Here are examples of the Domain Profile information, the datapoints that go beyond the Whois record:
- IP address (some domains may not have one associated with them, but most do, even if it’s just a parking site from the registrar)
- IP geolocation location and ASN (this tells you about the network on which the domain resides)
- Website title
- Response code (the code the web server sends back upon the initial HTTP connection–assuming the domain has a website up and running)
- Server type
- SEO score, terms, GA codes, images, and links information
- MX records (these are not on the Whois results page, but are available to you through Reverse MX)
Each of these pieces of information can be very valuable. Which are most important depends on the type of investigation you are conducting. But right from the get-go, they help to give you an overall sense of the status of the domain, allowing you to very quickly assess the basics:
- Does it have a website? Does the site look “professional?” Does it look as though it’s been updated recently?
- Does it reside on a dedicated IP address, or a relatively “small” IP address (one with not too many other domains on it), or is it on a big hosting site?
- Is there evidence that the domain’s owner has tried to maximize the domain’s profile, through SEO and other optimization techniques?
- How does the owner (or at least the webmaster) describe the web site? What are they trying to tell the world (and search engine bots!) about the site?
By spending as little as a few seconds looking over the Domain Profile on the Whois results page, you can pick up a lot of useful detail, which in turn informs your decisions about what to do next in your investigation. The next blog on “Beyond Whois” will give more detail on how the Domain Profile datapoints can point you toward valuable answers and sometimes-unexpected insights.
As always, we invite your questions and feedback to email@example.com. Thanks for reading, and happy exploring!