determining the ‘legitimacy’/’reliability’ of a domain

I’ve recently been asked by several people to investigate websites (especially e-commerce ones) for reliability/legitimateness.

Thought someone else may find my process useful, and/or have some ideas on how to improve it ?

So here goes:

1. Pop a terminal window (I’m on a Mac, so I open Terminal – feel free to use your terminal emulator of choice (on Windows, you’ll need to have the Subsystem for Linux or Cygwin installed))
   1. Type whois <domain.tld> | less
      • I’ll use this domain (antipaucity.com) for an example
      • you may be able to use whois.com (eg whois.com/whois/antipaucity.com)
   2. Look at all of the following:
      • Creation (Creation Date: 2006-02-22T01:12:10Z)
      • Expiration (Registry Expiry Date: 2023-02-22T01:12:10Z)
      • Name server(s) (NS3.PAIRNIC.COM)
      • Registral URL (http://www.pairdomains.com)
      • Registrar (Pair Domains)
      • Contact info (should [generally] be anonymized in some manner)
   3. Possible flags:
      • If the domain’s under 2 years old, and/or the registration period is less than a year (we can talk about when short registrations may make sense in the comments)
      • If the name servers are “out of the country” (which, of course, will vary based on where you are)
      • If the contact info isn’t anonymized
2. Load the website in question in a browser (use an ingonito and/or proxied tab, if you like) and review the following types of pages:
   • Contact Us
     • Where are they located?
     • Does the location stated match what you expect based on the whois response?
   • About Us
     • Does it read “naturally” in the language it purports to be written in?
       • Ie, does it sound like a native speaker wrote it, or does it sound stiltedly/mechanically translated?
   • Does it match what is in the whois record and the Contact Us page?
   • Do they provide social media links (Twitter, Facebook, LinkedIn, Instagram, etc)?
     • What do their social media presence(s) say about them?
   • Return/Refund Policy (for ecommerce sites only)
     • What is the return window?
     • How much will be charged to send it back and/or restorck it?
   • Shipping Policy (for ecommerce sites only)
     • How long from submitting an order to when it ships to when it arrives?
     • Where is it shipping from?
   • Privacy Policy (only applies if you may be sharing data with them (ecommerce, creating accounts, etc)
     • What do they claim they will (and will not) do with your private information?
3. Is the site running over TLS/SSL?
   • You should see a little padlock icon in your browser’s address bar
   • Click that icon, and read what the browser reports about the SSL certificate used
   • Given that running over TLS is 100% free, there is absolutely NO reason for a site to NOT use SSL (double especially if they’re purporting to be an ecommerce site)

Reviewing these items usually takes me about 2-3 minutes.

It’s not foolproof (after all, better fools are invented every day), but it can give you a good overview and relative confidence level in the site in question.

from antipaucity https://antipaucity.com/2021/08/04/determining-the-legitimacy-reliability-of-a-domain/
via IFTTT