Your Comprehensive Guide to Investigating Website Origins

Estimated read time 8 min read

Welcome, Cyberwarzone readers! Ever stumbled upon a website and wondered about the invisible strings holding it in place? Who owns it? Who’s hosting it? Which ISP is supporting it? Or maybe you’ve come across a suspicious website and want to report it but don’t know where to start.

Today, we’re transforming you into cyber-detectives, unveiling the hidden layers of any website. From WHOIS lookups to social media sleuthing, from time-travelling with the Wayback Machine to navigating protective shields like Cloudflare, we’ve got you covered.

Sit back, gear up, and join us as we take a deep dive into the fascinating realm of website investigation. Remember, as with any power, comes responsibility. This guide is your toolkit, so use it wisely and ethically. Now, let’s get started on this exciting journey!

Step 1: Get to know the Domain

First, we need to understand what a domain name is. It’s simply the website’s address. Like ‘’. Simple, isn’t it? This name points to a computer connected to the internet, called a server. But here’s the catch: the server isn’t always where the owner is.

Step 2: Run a WHOIS Lookup

Now, we dive deeper. Run a WHOIS lookup. This is a query in a database that gives us info about the domain. It usually reveals the name of the domain owner, their contact info, and where the domain was registered.

To do this, go to any free WHOIS lookup service online. Key in the domain name. You’ll get a report.

But don’t get too excited. Some domain owners use a privacy service to hide their details. You’ll see the privacy service’s info instead of the owner’s.

Websites where you can perform a WHOIS lookup:


Step 3: Finding the Hosting Provider

Next stop: finding the hosting provider. Think of the host as the landlord of the website.

You’ll need to perform a DNS lookup for this. DNS stands for Domain Name System. It connects domain names to IP addresses, allowing us to locate servers.

Enter the domain name into an online DNS lookup tool. You’ll see nameservers in the result. These nameservers often include the name of the hosting provider.

Step 4: Identify the ISP

Let’s find the ISP. This is the company that provides internet service to the host server.

To find it, look for the IP address in your DNS lookup result. Then, use an IP lookup tool online. Enter the IP address and hit search. You’ll get an ISP name.

Step 5: Utilizing Social Media

Alright, cyber-sleuths, it’s time to harness the power of social media. It can often provide clues about the people behind a website. Here’s how to go about it:

Step 5.1: Check the Website’s Social Links

Look at the website for links to social media profiles. They’re often at the bottom or top of the webpage. Icons for Facebook, Twitter, Instagram, or LinkedIn are common. Click on them.

Once on the social media page, browse through the posts. Look at who’s managing the page. They’re often part of the team behind the site.

Step 5.2: Run a Quick Search

Enter the website name or domain into the search bar of various social media platforms. You might find posts or accounts related to the site. Do they mention specific people? Do they link back to the site? These can lead you to the individuals involved.

Step 5.3: Look for Mentioned Names

Remember the names you found in WHOIS or DNS data? Plug them into social media searches too. Maybe you’ll find profiles of people linked to the site.

Step 5.4: Tread Carefully

Social media can offer a lot of info. But remember, it’s easy to jump to wrong conclusions. Always double-check your findings. Use multiple sources.

And most importantly, respect people’s privacy. Don’t misuse the info you find.

Step 6: The Wayback Machine

Time for a time machine, dear cyber detectives! No, we’re not talking sci-fi. We’re talking about the Wayback Machine. It’s an online archive that stores old versions of websites. Here’s how to use it:

Step 6.1: Visit the Archive

Go to the Wayback Machine website. You’ll see a search bar. Type in the domain of the site you’re interested in and hit ‘Enter’.

Step 6.2: Explore the Past

You’ll see a calendar view. Each circle represents a snapshot of the website on that date. Click on one to view the website as it was.

Why do this? Well, the Wayback Machine can give you clues. Maybe the site once displayed owner info. Or perhaps an older version of the site linked to a different social media account.

Step 6.3: Investigate Changes

Track the changes over time. Do you see shifts in design, content, or tone? These can hint at changes in ownership or management.

Step 6.4: Don’t Ignore the Details

Check out older contact pages, about pages, or team bios. They might name the people involved with the site.

Step 6.5: Remember Your Limits

Like any tool, the Wayback Machine has its limits. Not all websites are archived. And not all archives are complete. So take what you find with a pinch of salt.

Step 7: The Cloudflare Factor and Other Protective Layers

In our journey so far, we’ve crossed paths with various protective layers websites use. One notable player in this field is Cloudflare. Here’s what you need to know about it:

Step 7.1: Understanding Cloudflare

Cloudflare is a service that protects and accelerates websites. It also hides certain details, making our detective work a tad trickier. Cloudflare is a reverse proxy. This means it stands between the website server and visitors, masking the real IP address.

Step 7.2: Dealing with Cloudflare

If Cloudflare is shielding a website, you’ll see Cloudflare’s info in your WHOIS and DNS lookup results, instead of the website’s real details.

So, what to do? If you suspect a website is involved in phishing, fraud, or other misuse, report it to Cloudflare. They have an online abuse form for this.

Step 7.3: Other Protective Services

Cloudflare isn’t the only service of its kind. Many websites use similar protective layers. This can make finding real owner, hosting, and ISP info more challenging.

Step 7.4: Reporting to Protective Services

Like Cloudflare, these other services also have a duty to tackle misuse. If you suspect a website of wrongdoing, you can report it. Look on the protective service’s site for a contact or report link.

Step 7.5: Remember the Purpose

Contacting these services should be a last resort. It’s primarily for instances where you suspect malicious activity or abuse. Always respect privacy, and use this avenue responsibly.

Step 8: Google Dorking: A Searcher’s Secret Weapon

Next on our cyber-detective journey, we introduce a mighty tool: Google Dorking. Don’t let the playful name fool you; it’s a powerful way to refine your Google searches. Ready to dork around? Let’s go!

Step 8.1: What is Google Dorking?

Google Dorking uses advanced search operators to narrow down results. It helps you find specific information that might otherwise get lost in the noise of the internet.

Try the Cyberwarzone Dorks tool to quickly create queries

Step 8.2: Basic Dorks

Let’s start simple. Say you want to find info about a website on a specific site. Use the operator ‘site:’. Like this: "website name"

This tells Google to only show results from about the specific website name.

Step 8.3: Digging Deeper

Want to find a specific file type related to the website? Use ‘filetype:’ operator. Like this:

filetype:pdf "website name"

This tells Google to only show PDF files about the specific website.

Step 8.4: Mix and Match

You can combine operators to get super specific. Like this: filetype:pdf "website name"

This command will find PDFs on about the specific website.

Wrapping Up: Your Journey as a Cyber-Detective

There we have it, dear readers. You’ve travelled far and wide on this journey through the vast landscape of the web. You’ve delved into WHOIS lookups, DNS insights, IP investigations, social media sleuthing, and historical archives. You’ve learned about protective services like Cloudflare and mastered the arts of Google Dorking.

You’re now equipped with a powerful toolkit, capable of unravelling the mysteries behind any website. But remember, with great power comes great responsibility. You’re not just a curious observer anymore; you’re a cyber-detective. It’s essential to respect the privacy and the integrity of the information you encounter.

Done reading? Learn more about these 25 open source cyber security tools.

Reza Rafati

Reza Rafati, based in the Netherlands, is the founder of An industry professional providing insightful commentary on infosec, cybercrime, cyberwar, and threat intelligence, Reza dedicates his work to bolster digital defenses and promote cyber awareness.

You May Also Like

More From Author