A tool you should have in your arsenal when investigating token projects for legitmacy is doing a whois record search.
A great site to do this with is whois.domaintools.com.
What is a whois record? It's like the publishing information at the front of a book. It will have clues to the origin of the website and when it started.
Below is where you'll start. Enter the domain in question and click "search". The site will give you a captcha box the check and then you'll get the results.
Now we have a good deal of information to look over.
Most sites will have personal information redacted and shielded behind a company tasked to do just that (if they have their personal information that's a tip-off to it probably not being professionally set up).
Our first big point interest in this is the "Registrar". This is who the domain was purchased from. I have it highlighted in yellow here.
Dates can be interesting. You can gauge how long the website has been established and see how long they have purchased it for.
The longer the expiration date is out, the better.
The namservers will tip you off to where their hosting is. This is how their DNS is handled and hosting often requires the use of their nameservers.
This is not always the case, just a good clue. I personally host this website, so I have Cloudflare protection and our DNS is handled by them.
If you see odd companies in either the Registrar or the Nameservers, look them up.
Are they reputable or are they back corner of the Internet
hosts, who don't care about fraud as long as they are paid?
Some of the big players are GoDaddy, Namecheap,
Wix (crypto is against their TOS)
and Tucows.
I hope this information helps you in your quest for information.
If you have any questions, feel free to join us on Telegram at