OSINTGuardian

What is WHOIS? view domain information

Claudia Lopez
Claudia Lopez

ยท

Whois is a tool to obtain information about any Internet domain. This is used to view information from the owners of different websites around the world for many years.

There are many whois tools for all kinds of domains. tools such as who.is, ICANN Lookup or whois.com can collect information from internet domains

j

Using these tools is the first step when researching any website or internet domain, as they will show domain information

  • domain registration company:
  • domain creation date
  • nameservers (DNS Zone)
  • Domain status (information)
  • contact information

Contact information for the website administrator:

The information shown in whois also shows the contact information of the domain owner. This information is publicly displayed in whois OSINT tools unless the domain has proxy whois enabled or more popularly called privacy whois.

  • Name and last name
  • email address
  • Country and city
  • postal code
  • address
  • phone number

Privacy Whois and information censorship:

There are many companies that publicly add false information in whois to protect the personal information of domain administrators. Many registrar companies already have this option by default when purchasing a domain.

Still, there are ways to use OSINT and social engineering methods to find out the true email address of a domain owner. for example many whois results show “[email protected] in the whois results.

Some privacy whois companies use proxy emails. When someone sends an email to the proxy email address generated by privacy whois, the email is forwarded to the real address of the website owner.

When the website owner responds to your message, you will see their email address. and you will be able to see the real email address. and use OSINT methods to discover new information based on the email address.

Another way to use osint methods with privacy whois is to go to the privacy provider’s website and check if there are contact forms. These are usually there when the privacy provider does not create a proxy email.

By completing the contact form, the privacy provider will automatically send the domain owner your message, and if you attract the owner’s attention, he will send you a message by email.