With historical WHOIS data, more context is given to domain intelligence, making crucial business processes such as third-party risk assessment, cybersecurity implementation, and cybercrime investigations more effective. Let us explain.

What Is Domain History Ownership?

Domain names are virtual world commodities that are regularly being traded. When someone is interested in a domain name that someone else already owns, he/she can offer to buy the specific domain. On the other hand, when a domain owner lets a domain name expire, anyone can grab and register the domain name for his/her use.

As such, one can imagine the history of domain ownership of a 10-year-old domain name. Such records contain the ownership records provided by its past owners. Domain history ownership includes the following registrant data:

• Name
• Organization name
• Street address
• City/State/Country
• Email address
• Phone number

In essence, it is like doing a backdated WHOIS lookup as the data points you retrieve are the same ones you get from a WHOIS lookup.

Why Is the History of Domain Ownership Important?

Historical WHOIS data is valuable, especially in light of the current privacy redaction of WHOIS records. When you perform a WHOIS lookup on a domain today, you would most likely encounter registrant data that has been “redacted for privacy,” “General Data Protection Regulation (GDPR)-masked,” or protected by a privacy protection service company.

However, when you have access to the history of domain ownership, you would have an inkling about who owns the domain, if there were no recent ownership changes of course.

Consider the domain breakingnewsenglish[.]com as an example. We randomly selected this domain name. WHOIS lookup results reveal that its owner uses the privacy protection service of Domains By Proxy, LLC.

It also tells us that the WHOIS record was last updated on 3 November 2014. If we can get our hands on the domain history ownership data for that specific period, we might be able to determine its current owner.

Domain Name Stat has been tracking domains since 2008. And it revealed that the domain’s owner started using Domains By Proxy in 2017. The registrant since 2012 is someone named S. Banville with an address in Japan.

How Can Domain History Ownership Data Enrich Threat Intelligence?

The domain name above was randomly selected to illustrate why domain history ownership data is essential. But imagine if you’re dealing with more nefarious or at the very least suspicious domains. You can take threat intelligence to a whole new level with the help of WHOIS history.

For instance, what do organizations usually do when they are alerted to an alleged cyberattacker? The best practice would be to block all of the domain names the attacker owns. But with the redaction of WHOIS records, as illustrated in the previous section, this practice might get difficult.

To better illustrate how domain history ownership can help enrich threat intelligence, here is an illustration for third-party vendor risk management.

An Illustration: History of Domain Ownership Identification for Third-Party Risk Management

Third-party cyber risks are more severe than some organizations care to admit. But in recent years, it has become too big to ignore. The Facebook data leak of about 540 million records in 2019, for instance, was attributed to a third-party service.

It pays to scrutinize every vendor or third party before you allow them access to your network. Let’s take a hypothetical surgical mask supplier with the domain jyshmy[.]com as an example. A typical vendor risk assessment could involve these processes:

• Check WHOIS records: WHOIS lookup results look innocent enough, as the domain has been around since 2017. There is nothing suspicious in the fact that there its registrant’s name has been redacted. The WHOIS record further states that the registrant has an address in Hunan, China, which is consistent with the information given by the supplier.
  
• Perform a background check: This process could involve checking the supplier’s website, looking for client feedback, and checking government databases to verify its legitimacy. You may also want to run the domain on virus detection engines or blacklist databases. For jyshmy[.]com, VirusTotal didn’t reveal any malicious or suspicious ties.

If the supplier passes these checks, organizations can then transact with them. The supplier can send them emails that employees deem trustworthy. But what if we add checking domain history ownership as another step in the vendor assessment process?

A WHOIS history lookup reveals that jyshmy[.]com was once owned by an individual named Fujie Wang. The name and address match one of the Federal Bureau of Investigation (FBI)’s most wanted cybercriminal, who was indicted for being part of a hacking group that targeted large businesses in the U.S.

The domain jyshmy[.]com could be one of the malicious domains that Wang, or someone who happens to share the same name, used at that time. And since the cybercriminal is still at large, there is a possibility that he still owns the domain. As such, organizations must be careful in dealing with jyshmy[.]com and other domains that were once possibly owned by individuals like Fujie Wang.

Other Domains with a Shady History of Domain Ownership

Fujie Wang is not the only attacker who has owned several domains in the past. Domains are widely used as weapons by cybercriminals, so this comes as no surprise. For one, we see Ehsan Mohammadi as the past registrant of over a hundred domain names, including the following:

• em-counsel[.]co[.]uk
• iparkexpo[.]com
• geoteem[.]com
• golestaneh-art[.]com
• ismspanel[.]com

Ehsan Mohammadi is one of the nine Iranians indicted for wire fraud, computer intrusion, and identity theft. He was believed to be working for the Iranian government and remains wanted by the FBI.

Igor Turashev is also the elusive technical brain behind Evil Corp’s operations. His name can be seen in the historical WHOIS record of the domain sofronov[.]com, which has been on sale since January 2018. Evil Corp is the cybercrime group that notably used Dridex banking Trojans to steal millions of dollars from their victims.

Beyond Third-Party Risk Assessment

Besides third-party risk management, domain history ownership is valuable in cybercrime investigations as well since it helps experts create attacker profiles. Furthermore, investigators can better track attackers’ digital footprints even though their current WHOIS records are redacted.

WHOIS history further helps organizations with their brand protection efforts as it allows them to see a domain’s past associations before purchasing it. Cybersecurity tools that obtain intelligence from domain history ownership records are also more robust and effective in protecting users’ networks.

We only cited three cyber attackers who have a history of domain ownership. There could be hundreds more, and it’s challenging to keep track of them manually. As such, sources that provide historical domain records are useful. A domain’s past could give valuable insights to cybersecurity teams, third-party risk managers, and cybercrime investigators, to name a few.

Organizations rely on their marketing managers to jumpstart their online success. Aside from allocating budgets for campaigns, managers also have to make sure their activities garner returns on investment (ROIs) and increase their companies’ profitability. And those who want to make the most out of their well-developed campaigns can find value in domain data from sources like WHOIS Database Download and API.

A database offers a lot of room for customization and correlation. When accessed in шеы raw form from CSV or MySQL files, WHOIS data can be filtered by using specific conditions or more easily contextualized with other data sources for statistical analysis using highly customized methods. The said sources might include DNS records and IP geolocation points. In contrast, accessing WHOIS data through an API might be the preferred course of action when the information is meant to be used in a more standardized manner. Either way, let’s take a look at the use cases for marketing professionals.

Domain Data Use Cases for Marketing Managers

WHOIS Database Download and API are great sources to find out all about the owners of domains of interest. Professionals from various industries use them in different ways, the following five of which are relevant to marketing teams:

1. Identify and Connect with Buyers and Sellers

In the digital realm, conventional research techniques are no longer sufficient to craft innovative marketing strategies or to improve them. Digital marketing calls for superior identification of consumers to help companies stay ahead of the competition.

Access to a WHOIS database can help marketers obtain domain ownership records to gather relevant contact and other details, making it easier for them to connect with potential buyers and sellers alike.

2. Gain Insights into Domains for Expansion

Organizations keen on expanding their business often rely on their marketing departments to come up with strategies to promote new ventures. Usually, that requires acquiring new domains to serve as homes for their latest products or services.

Finding domains that match business requirements is doable with the help of WHOIS Database Download. Once marketers identify the domains they want to use, they can quickly check if these are available for registration. If they’re not, with ownership data on domains of interest on hand, marketers can then determine who they can contact for sale negotiations.

3. Enrich Content Marketing Strategies

Content marketing is one of the most effective strategies that marketers use to gain their target markets’ attention. Then again, sometimes, no matter how good their content is, hosting it on a non-authoritative domain can waste all marketing efforts. Thus, digital marketers need ways to gauge the authority of the domain they’re using.

As part of this, it’s often said that older domains are more authoritative. A WHOIS database can tell you how old any registered domain is. It’s like a one-stop-shop if you want to get a list of all aged (and therefore more authoritative with all other factors being equal) domains that would match your business requirements.

4. Monitor Competitor Movement

Competitor analysis is one of the marketing manager’s tasks. With it, the manager learns about the latest market happenings—seeing what the competitors do to identify opportunities that you have yet to explore.

WHOIS Database Download can reveal all of the domains competitors use. Sometimes, new registrations can indicate new business activities such as market expansions, upcoming product launches, and more.

5. Combat Cyber Threats

While cybersecurity isn’t a primary concern for most marketers, a tarnished reputation due to a cyber attack can negatively affect a company’s promotion efforts. After all, an impacted organization is bound to lose the trust of its partners and customers.

Digital marketers thus need to contribute to keeping their organizations’ reputation intact. One way to do that is to ensure that phishers don’t abuse their trademarks in attacks. A WHOIS database lets them check for copycat domains that get used in malicious campaigns. They can then report these to the authorities for blocking or takedown.

The online business landscape is becoming more competitive by the day, and marketers need to ramp up their strategies to stay in the game. They can readily do so with the help of domain data from solutions like WHOIS Database Download and API.

One of the main challenges for threat intelligence service providers nowadays is determining which sources they should use or compile in their solutions for optimal results.

Just like any data analytics tool, the value of threat intelligence platforms will highly depend on what’s been put into them. In fact, you may have all the features to detect threats and even the best experts in the industry to help with interpretation and still have a hard time getting actionable intelligence due to bad sources of data.

With so many threats that abound in the modern world, the last thing you want is to have your specialists chasing down irrelevant, old, or non-existent threats. Basically, threat data that is sourced poorly only increases the risk for any company.

So how can you ensure that the quality of the data in your threat intelligence solutions is ideal? To help you answer that question, here’s a rundown of what attributes you need to look out for when choosing the right data sources, followed by how WHOIS can support threat intelligence efforts.

Quality of Data and Origin

The first thing you want to make sure of is that the threat data you are getting is accurate. After choosing a new source, you can often gather solid metrics that can be linked to a threat or an attack. However, here are a couple of aspects you should consider in your selection:

• The origin of your threat intelligence and how it is obtained, especially since some vendors gather data based on inputs from other sources such as community submissions, and might be doing so without checking for accuracy first.
• The reliability of your threat data, as some information may not be consistently gathered. In short, you need a reliable source—one that is always up and running.

Extent

A wide range of threats are introduced regularly by threat actors, some on a daily basis. If your source is incapable of checking for the latest threats on a global scale, then you’re only seeing a small portion of the overall picture.

When choosing a source for your threat intelligence needs, it’s essential that you consider the extent by which it monitors malicious behaviors.

Age

The main goal when companies decide to use a set of threat intelligence tools is to make sure that they stay abreast of the latest threats. That is why, as a provider, you may want to assess the freshness of the data you get from your own sources. If your service is getting old data, then some of the threat indicators on it may no longer be relevant to your users’ needs.

Uniqueness

Finally, the threat data your solutions offer has to be unique. You want to make sure that you are giving your users new insights into what they can expect these days and even in the future. It’s possible to identify overlaps between what you already possess and the data from a new source. This will tell you if the source you wish to add is indeed valuable for you and your clients.

Domain Names as a Source of Threat Intelligence Data

Today’s threat actors establish their own IT infrastructure to launch attacks more effectively. To reach targets wherever they may be in the world, cyber attackers register domains for various malicious sites and backups in case some of these get flagged and consequently blocked.

This domain registration process leaves a mark, which WHOIS information vendors like Domain Name Stat can capture and report to you in the form of an API or WHOIS database.

As a source of threat intelligence, WHOIS offers quality data that include the contact information of the registrant, his address, registrar, and more on millions of domains across thousands of TLDs on a global scale. This means that you can acquire information on even those that use ccTLDs such as .uk, .fr, .cn, .us, and others. This capacity is especially useful in identifying threats that originate from and target users in specific countries.

What’s more, you can obtain more in-depth background information on all the sites and devices accessing your network and add malicious domains to your blacklist. That way, even if the attacker uses a different email address or name when sending spam, for instance, and one of your company’s employees is baited to click a link on it, as long as that leads to a domain you are already blocking, no harm will be done to your business.

Numerous businesses and enterprises are now relying on threat intelligence solutions and services to keep their assets safe from threat actors. However, providers will have to step up by using legitimate sources for their threat data in order to remain competitive.

WHOIS Database Download and API Access let users do just that, improve a company’s threat intelligence for better threat protection and risk mitigation.

Many years ago, a sturdy firewall was all that a company needed to keep itself safe from external threats. This tool was what sat between the outside world and the inner network, examining ports and protocols to decide what can go in and what stays out. Then things started to change, as they always do.

Then there were new threats capable of gaining entry into applications and systems, and open ports became threat entry points, making the examination of packets as important as knowing where they come from, their type, and where they are going to.

Nowadays, to stay safe companies have to deploy several solutions, content filters, antimalware, and more. Rather than just one solution, enterprises require a wide range of appliances and solutions, each with their own interface, presenting many possible points of failure. Businessed required a better, more efficient way and so unified threat management (UTM) came into existence.

The range of functions offered by UTM became the preferred choice by many enterprises as it was a more practical means compared to purchasing several individual offerings. Despite how robust some UTM products may seem, however, they can still come with weaknesses that can be abused by threat actors. Take a look at these loopholes in the next two sections.

Updates Are Few and Far Between

Perhaps one of the most significant weaknesses that most UTM solutions suffer from is the fact that they get very limited updates. Usually, depending on the vendor of the product, updates are provided between every few months to once a year. With how bad the threat landscape is these days, this is a very long time to go without the latest safety patches.

The reason for this could be that such updates are only released after all systems and software are scanned and subjected to penetration tests. The test findings are only sent to the vendor for remediation after at least a month. Some tests last for three months. Only then can the vendor start creating the patches. As such, users are left insufficiently protected while the patches are being issued.

Lack of Specialization

Another crucial weakness that UTM vendors have is the fact that they provide general protection and therefore do not specialize in any one aspect. Imagine having a multifunctional tool and an entire toolbox on hand. Which of the two would you choose to fix a certain malfunctioning appliance at home? Of course, the toolbox is the more reasonable choice because it far better matches the yet unidentified task.

A UTM, like a multifunctional tool, is designed to take on all types of security threats. This means that it may fail to pay close attention to a specific kind even when needed. As such, a carefully configured malware can still bypass its built-in protocols.

What Can UTM Vendors Do to Address These Concerns?

Even an all-in-one solution can still benefit from the use of third-party tools, particularly in the area of domain intelligence gathering.

The reason behind this is simple: most threat actors today establish their own malicious networks for attacks. To do that, they need their own domain infrastructure. Their campaigns usually involve the use of several websites all the way from the initial stages until the end of their operations.

By making use of TLD and WHOIS data, a UTM vendor can provide clients with up-to-date information on who might be behind a certain attack. This can be especially handy since WHOIS records contain data on any domain registrant. Details such as its name, organization, contact details, location, and more can be found here.

All of these contain crucial registrant information that can be beneficial for cybersecurity purposes. When paired with an effective security solution, the domain registration information can also be used in content filtering. For instance, specialists can identify other domains that are connected to a suspicious domain and have it automatically blocked within their network. This security protocol is essential for clients to prevent accidental access to any flagged domains that could pose a risk.

What Does Domain Name Stat Offer?

Either in the form of a database or API, you get access to more than 5 billion WHOIS records and more than 300 million active domain names — made available by TLD type, TLD, country, and registrar. This means that you will receive accurate information on a wide range of active domains. And these domains span nearly 3,000 gTLDs and ccTLDs to work with.

UTM products have come a long way and are seen by many as an effective approach to safeguarding their digital assets. However, a UTM isn’t a silver bullet and despite being an all-in-one solution, it will still require essential data from other sources.

Millions of individuals and organizations register new domain names or update existing ones each year. By utilizing domain registration data, UTM vendors can gain access to a reliable source of information to extend their cybersecurity capabilities.

Many modern enterprises today have found Security Information and Event Management (SIEM) tools to be invaluable. The reason for this is that these tools have become the eyes and ears of cybersecurity teams, providing them with the ability to identify network concerns and monitor threats.

Yet even the most popular SIEM tool lacks the capability to understand key aspects of a cyber attack, which is crucial for overall situational awareness. This kind of awareness is primarily concerned with reinforcing defenses at all stages of a security cycle — starting from prevention to detection all the way up to mitigation — that ultimately contribute to predicting and preventing future attacks.

Since most network threats today have to do with abusing domains, these SIEM tools can only provide part of the details required. They can tell you the “what” but not always the “who” in an incident, which is essential in assessing risks and improving their defenses.

Additionally, a flagged malicious or suspicious domain is usually just part of a bigger picture. There may be other connected domains, especially if the attack is carried out by a cybercriminal ring. After all, many cybersecurity practitioners have come to learn that knowing the source of an attack could lead them to ways to prevent another. But this requires identifying all the parts of a complex network.

What Most SIEM Tools Do Not Cover

SIEM has become an indispensable component of compliance and threat analysis procedures. But despite being able to provide relevant details on what’s happening within a company’s network, many SIEM tools lack the capability to connect the information gathered on various domains. This is especially true when dealing with more than one attacker.

When talking about cybercrime such as phishing, malware attacks, spamming, botnet-instigated attacks, brand abuse and the like, threat actors use at least one domain or IP address for their vile deeds. That is, cyber threat investigators need to follow several leads so specialists can identify the connections between domains, nameservers, and other data points. This then allows them to paint the bigger picture and identify all the components of an attack. This process is called forensic domain mapping.

What Is Forensic Domain Mapping?

In essence, forensic domain mapping is finding out the relationship between domains based on several data points. It aims to gather as many concrete pieces of information as possible connected to an offending domain. These validated fragments of data are then used to establish links between the original malicious domain and the entire web of other online holdings related to an attack.

But building a forensic domain map is now more challenging than it was before. This is especially true since domain privacy was introduced back in 2003. However, there are still ways for a company to determine links between a domain owner and a network of IP addresses. One way of doing so is by looking at registration records from a WHOIS database download.

What Can a WHOIS Database Download Contribute to an Ongoing Forensic Investigation?

A WHOIS database download provides users with information on active domains that span both the gTLD and ccTLD spaces. This means you can access details on domains that have extensions such as .com, .net, .uk, .ru, and many more.

To streamline the forensic domain mapping process, for instance, many data points can be used from such a service including:

• Registrant’s contact information: In some cases, this can help users identify the actual domain registrant. This can serve as a starting point for creating a web of connections by identifying all domains that the same registrant owns. This tells you what organization the owner is affiliated with, along with where to find and how to contact him. An obscure location (a mismatch in company name and address, perhaps) can be an indicator of malicious intent.
• Registrar: If a domain’s WHOIS information has been kept private, you can still see details about the registrar. In such cases, specialists can contact the registrar to find out more about the domain’s owner. This will, of course, require subpoenas and other similar documents.
• Domain registration and expiration dates: Cybercriminals often register multiple domains to evade detection and blocking. Thus, domains that do not seem to be related but have the same registration dates could be considered malicious.

All of these details can be used to provide additional insights on malicious entities during cyber investigations. This knowledge is especially valuable in case of a security event to quickly identify the extent of a network attack before things get worse.

It is no secret that companies, particularly large enterprises, depend on SIEM tools to reinforce their cybersecurity defenses. Yet not all of these solutions cover everything, especially with regard to external domains. For this, WHOIS Database Download can be employed to gain valuable insights that can assist in completing forensic investigations.

1985 saw the registration of first domain name, Symbolics. Since then, the internet has come a long way. The birth of the digital era gave way to a new type of entrepreneur, the one who has been riding the wave of the internet boom by investing in domain names. Yes, we are talking about Domain Investors, or Domainers!

Over the years, domain name investment has contributed significantly to making smart investors who have foreseen trends, invested, held on to it and generated millions of dollars’ worth in return. To cite an example, lasvegas.com is currently the most expensive domain name which was purchased by the owners of vegas.com for a whopping $90 million in 2005! It, of course, did not cost the original owners anywhere as close to the amount they actually received when they sold it.

Whether you are an entrepreneur, a small business owner or a big MNC, in today’s world you need a domain to mark your online presence. But long before the web became the place to be, patient and smart domain investors had ventured out, speculated the choice of domains, planned their moves and later on, made and are still making fortunes by using their own judgment and market exposure. At present, of all the registered domains, 7.1% are for sale, which is close to 10 million domain names!

How Do Domain Investors Build the Perfect Domain Name to Make a Profit?

Hedging and speculation can be of great value to you if you want to make a fortune from the sale of the domains that you have registered. But it is often easier said than done, to pick that perfect domain name that will help you make millions. If you plan on of buying domains, hedging them and in the end selling them off to make big monies you can follow some of the strategies that are used by seasoned investors.

• Shorter domain names are more popular as they are easier for customers to remember. This helps to add a marketability value to it.
• Generic terms or names commonly searched for can be great domains to invest in.
• Staying relevant and understanding future trends early can help monetize them in the future.
• Look at regions that are growing and untapped markets which could turn lucrative over the next few years.

Domain investors need to build a portfolio of versatile domain names and opt for quality instead of quantity and of course, have the patience to sit on the domain name for a while.

What Are the Risks Associated with Long Period Domain Investment?

Like any other business, even speculative domain investments are not free from risk factors. Liquidity, subjectivity, legality and new innovations pose serious risks to the investments.

From the liquidity point of view, unlike stocks and bonds where brokers play a key role in the purchase and sales, domain names do not revolve around any brokers. To elaborate, they can take several months, years or even decades to earn lucrative income and you basically have to understand your market and also trust your instinct to know when to sell and to whom. This could create a lot of waiting time for the investments to materialize.

Even the subjectivity part affects the sale price of the domains. Unlike stocks and bonds, domain names have subjective valuation, which makes it very difficult to ascertain the right price.

In some rare cases, the legality issues can also rebound and if there is a copyright infringement or trademark violation, it could lead to forfeiting the domain for free.

With the introduction of new gTLDs, the landscape of the internet also seems to be changing and this is opening up completely new avenues to be explored.

One has to keep in mind all these aspects before they venture into the domain arena to make their profits!

With cyberattacks becoming a routine in the business and private sector, certain procedures and tactics are being implemented to ensure that both are kept safe. In fact, the Internet Corporation for Assigned Names and Numbers (ICANN) has recently come into the limelight with their new approach to security online. In a general sense, ICANN helps the internet as we know it to operate efficiently and smoothly by keeping databases and domain systems error-free and prompt. However, among the information that they regulate is a personal piece of data that can be tied back to each domain that has an online foothold. To put it simply, each website, business, blog or review website that we visit is associated with a person or company that registered that domain in its early days. Through ICANN and WHOIS database privacy, this information can be attained by anyone from the general public.

The Double-Edged Sword

But as we soon find out, WHOIS database privacy and registry information acts as a double-edged sword. Although many security researchers and professionals use this information to deem a domain trustworthy or problematic, hackers and crackers may rely on this data to scheme an attack. Hackers and would-be criminals could use the WHOIS data to pinpoint their attacks at targeted individuals that may have pertinent information regarding a certain database. This can manifest itself in a spear phishing attack on a CEO or CTO, finding out what software the company is using for their data storage or even contact information for social engineering.

Light In the Darkness

Although intensive domain name database privacy sounds like the perfect solution to cyber threats, it creates an advantage for prospective attackers to remain anonymous. WHOIS data, in its general sense, could act as validation for specific brands, businesses and individuals that operate within the digital realm on a regular basis. When a user performs a search for a domain's credentials and finds that they're associated with trusted and respected businesses, they're more likely to engage with them. Conversely, the new laws that regulate and hide this information from the public creates a sense of mystery and protection for individuals that wish to steal information.

To illustrate how this works, we can simply take a look at the average user's spam folder. If you're using a mainstream email provider like Gmail or Yahoo, you will notice a large accumulation of spam that gets collected during the week. These messages are tested against WHOIS data to see whether the contents of that email are malicious or legitimate. With new restrictions in domain name database privacy and available information, more spam will make its way into our lives. This will inevitably get ugly when more of the general population, including privately-owned businesses and operations, fall victim to outside attacks. With great information comes great responsibility, and many legitimate security researchers are worried about the stability of technology and user safety moving into the future.

In the last blog, we explored the growth in new gTLDs and the reasons why individuals and businesses are increasingly opting for them. Today, we will discuss how these new gTLDs provide a fresh digital landscape to online businesses by providing opportunities to deepen their digital footprint and build a domain name or even an entire domain portfolio that works for their brand.

1) Establish AUnique Brand Presence

With over 1200 new gTLDs introduced on the internet, there is a great branding potential for businesses. New gTLD extensions allow individuals or brands to clearly specify how they would like to be identified; whether they are a certain product or service, hobby, interest group, business, city, etc. They provide an opportunity to pick a name that best suits their offering by optimizing both the main part of the URL as well as the extension.

You can simply choose which category your website belongs to and have multiple options available at your disposal. For instance, if you are in the real estate business, you can select from over 14 extensions that solely describe that industry eg: .estate, .land, .condos, .apartments, etc. So if you are a realtor selling condos, you could simply get a domain name like buy.condos!

This could open doors for businesses to create shorter, catchier, more relevant and more brandable names.

2) Create A Comprehensive Brand Portfolio

Multinational companies with a wide range of products can now own an entire TLD space for product branding and create websites for each product with their own TLD brand extension. At present, more than 40% of Fortune 500 companies have applied for their own TLD, and among those that have already been released are .apple, .bmw and .microsoft. Brand TLD owners can also give their affiliates or partners access to their own domain names in their TLD space, which can help confirm authenticity and create trust amongst customers as well.

For businesses with a wide range of products, it will provide a straightforward method for organizing their portfolio with an unlimited selection of domain names to market their brands.

3) Get Recognized By Your Customer

New gTLDs can help make your website instantly recognizable to your customer. Since some TLDs are restricted to only businesses within specific industries like .bank for banking institutes or owned by certain brands like .bmw, these TLDs will need to be verified before being registered. This helps prevent fraudulent or deceptive parties from using them, builds customer confidence and creates a secure online environment. By simply checking the domain suffix, consumers will be able to determine if the website is genuine or not.

In addition, with certain TLDs providing exact information, customers can easily recognize the website’s affiliation. For example, the .london extension lets everyone know where the store is physically located and .tips would ideally be used for providing tips on various industries or topics such as finance.tips, career.tips etc.

4) Ideal For Search Engines

New gTLDs could help boost search ranking and web traffic for a business as they offer a chance to get a good keyword rich domain name. Though Google has dismissed keyword richness as a deciding factor for ranking a website, with search engines’ growing focus on location and relevance, the effect could still be especially visible in local search results. Thus, a .london domain could rank more for people searching for businesses in that area.

Also, considering that Google has invested millions in .app, it would be appropriate to assume that new gTLDs are going to be a force to reckon with.

5) Purchase Secured Domains

Domains registered with new gTLDs do not have any history and that could actually be a good thing for businesses. Since they do not have any past domain ownerships or bad backlinks pointing towards them, a business can start afresh and not worry about purchasing domain names that may have had a bad reputation or be associated with links that could adversely affect them.

6) Expand To Non-English Languages

While country-specific extensions like .us, .uk, etc. have been in existence all along, now businesses have the opportunity to reach users in their native languages like Arabic and Chinese. Both local and major international business players can now speak to their customer in the language they use and thereby enhance their brand’s online presence.

Right from providing new branding and marketing opportunities to enhancing security, new gTLDS surely seem to be a trend of the future! And although traditional TLDs like .com will continue ruling the internet space, instead of paying large sums of money to buy an old domain, smart and innovative businesses can now create their own niche and stand out on the internet with the help of these new extensions.

A database with all the contact and registration data for all domain names is of great use to a wide variety of professionals and agencies, especially when you factor in how many websites are added to that database daily. With thousands of domains being registered each day, it's evident that the WHOIS database is a vital resource packed with valuable information.

Quality WHOIS database download services provide access to this vital information arranged to offer valuable insights. The data can be customized for the individual needs of the client and there are many professionals who use WHOIS records for a wide range of valuable jobs and services.

Brand and Trademark Management

Brands are overall experiences for customers that differentiate a company or product from all others and they are vital because they inspire customer loyalty and return business. Brands can be harmed by the poor ethics of others who unlawfully try to exploit reputation that is not theirs to use. WHOIS data services make it easy to watch out for and identify those infringing on brands and trademarks by effectively monitoring new domain name registrations that meet certain criteria. If a similar domain name is registered with only slight character differences or a different TLD or ccTLD extension, it will be detected immediately for further inspection.

Content Management

Through the power of technology, an incredible amount of content is published on the web every day. Some take advantage of that fact to copy someone else’s content or to propagate fakes. When suspicious content is found, what are we to do with it? WHOIS records can give you a great place to start in tracking down the perpetrators who you can contact to request that they take the erroneous content down. You might also use the records to begin legal action if need be.

Economic Analysis

Economists can use WHOIS records to determine how well a specific economy has been performing within a prescribed period of time. Those who work in economics or policymaking can estimate a country's economy by using raw data on how many new domain registrations there are for the area sorted by location and time period. The contact information of registrants can also help them assess the concentration of business activity as well. Knowing the ratio of companies that own multiple websites resulting in several registered domain names can also aid them greatly in doing their jobs.

Law Enforcement

Many law enforcement agencies use WHOIS database downloads to investigate various cyber attacks and to track down perpetrators. Registrant information from those suspected of fraudulent online activity allows law enforcement authorities to obtain invaluable information not available otherwise.

Marketing

With so much business being conducted on the internet now, marketers are seeking any data they can get their hands on to better understand the behavior of consumers online. WHOIS records filtered by certain criteria can be used by marketing professionals to develop stronger marketing strategies.

Security Experts

Everyone, including prospective criminals, is required to enter contact information when a domain name is purchased. The data can then be retrieved from the WHOIS database by security experts to detect suspicious actors who may be sending out malware or running phishing schemes. The WHOIS records often make such perpetrators easy to find, particularly if they offer the same credentials or for several different records fake ones.

Security Researchers

For those who work in fields like threat intelligence, WHOIS data can be just the thing to help businesses prepare for large-scale attacks or identify current cybercrime trends. Researchers can use the data to identify unusual domain registrations in given regions or countries. Suspicious records can be evaluated and added to blacklists if required.

Many types of professionals across different industries use WHOIS records to access information about individuals to serve the general public.

In early 2012, the new gTLD program initiated by ICANN enabled the largest expansion of the domain name system with the main aim to enhance innovation, competition, and consumer choice. New gTLDs were first introduced in October 2013 and by the end of 2014, hundreds of new gTLDs made their way into the Internet architecture. 2019 will now mark 5 years since the first new gTLDs came online and after a few rocky years, new gTLDs may finally be finding their niche in the marketplace. And this comes as no surprise!

Anyone who has ever tried to buy domain names is likely to have experienced a problem that has plagued the World Wide Web since its inception - domain name unavailability. With legacy TLDs like .com remaining the most popular choice all this while, it’s difficult to get good, precise and short dot-com domain names. Also, the prices for short, one-word .com domains in the aftermarket are increasing and are being sold for millions of dollars in domain auctions, the highest bid until now is Insure.com, which was sold for a whopping $16 million. While the .com extension certainly is not going away any time soon (not with over 145 million domains registered as of December 2018), small and large brands alike are now gravitating towards the many hyper-specific alternative extensions available today. According to Verisign, one in five domain name registrations in the last year was on a new gTLD!

Domain Registration Dynamics In New GTLDs From Jan 2016 - Jan 2018

Source: https://domainnamestat.com/statistics/tldtype/new

For the first 3 years, since the introduction of new gTLDs in 2013, less than 10 million domains were registered with new extensions. But with the exponential growth of the web, and the growing demand for domains for personal, professional, organizational, service or even national usage, people started seeing the various advantages that these new TLDs have over legacy TLDs (which we will discuss later in the blog) for their businesses.

Yearly Break Down Of The Graph

In the year 2017 itself, 9 million domain names were registered – the same number of registrations that took nearly 3 years initially. Domain under the new gTLDs for 2018 totals some 22.5 million – up 11% from the previous year. For instance, .app, a new entrant launched by Google, exploded into the market in the middle of the year and has around 320K domains so far.

This tidal wave of new TLDs can be also seen with .info and .top joining the ranks in the top 10 registered domain TLDs, with legacy TLDs in such a short span.

Registrations Distribution, By TLD

Source: https://domainnamestat.com/statistics/tldtype/all

Some of the reasons for the shift to new TLDs in the recent past can be credited to:

• Saturation in more traditional domain name endings like .com, and country code TLDs (such as .uk, .tk and .cn).
• Low registration costs, volume discounts, and refund policies making them economically viable.
• More lenient regulations and ease in registration; people don’t face many issues in accessing their choice of domain names.

Besides these practical reasons, the new gTLDs can be very specific and businesses can opt for TLDs to define their business by

1) Geo Domain Names

Domain extensions representing a business, organization, cultural establishments, or even an individual’s location can be very helpful in strengthening regional business areas and cater to people of the same region where they are based out of. E.g .nyc, london, .dubai, etc.

2) Specialty Domain Names

Professionals in specific specializations can have domain extensions that can explicitly mention the services they offer. E.g. .lawyer, .plumber, .design, .training, etc.

3) Generic Domain Names

Domain extensions that are open for anyone to register, without or with few restrictions. E.g. .info, .books, .cars, .guru, etc.

4) Brand Domain Names

New TLDs applied by companies to represent their brand. These are great for Fortune 500 companies who can now bring their entire products and service portfolio under the same umbrella. Those include .nike, .google, .ibm, .bmw, to name a few. Unfortunately, most of these won’t be open for registration by the public.

5) Internationalized Domain Names (IDNs)

The introduction of IDN – domains in non-Latin scripts – are enabling a multilingual Internet and allowing people to navigate the web in their own language. Some of the different language scripts that are available are: Arabic, Chinese, Greek, Devanagari and more.

With an increasing number of new strings available to the public or to some specific organizations – a total of 1,222 at present, new gTLDs have the potential to be the future of the internet. In our next blog, we will talk about how these extensions are opening doors to new branding and identity options for businesses of all sizes. Stay tuned!

WHOIS is an extensively utilized Internet record listing that establishes the identity and contact information of the owner of a domain name. The Internet Corporation for Assigned Names and Numbers (ICANN) regulates the registration and ownership of domain names. Over the years, the records in the WHOIS database have developed into an essential asset in maintaining the veracity of domain name registration and ownership.

What Is In A WHOIS Record?

Each year, millions of businesses, individuals, organizations and government bodies are registering new domain names. Every time a domain name is registered, certain information must be provided to the domain registrar. This information will include contact details such as the name, address, email, telephone numbers and administrative and technical contact details, which must be accurate and reliable. It is the responsibility of the person registering the domain name (the registrant) to ensure this information is kept up to date. This is generally referred to as "WHOIS data", which is stored within the WHOIS system. Although it is envisioned as a single central database, the data is actually managed by a group of independent entities know as "registrars" and "registries".

Registrars & Registries

Registrars are companies and organizations that have ICANN accreditation and are registry certified to sell domain names. They must abide by the rules of the Registrar Accreditation Agreement (RAA) with ICANN and also by the agreements they have with the registries. Registrars are responsible for ensuring the WHOIS data is maintained, submitting the data to the registries, allowing the public to access the information and complying with the RAA conditions. Domain name registrants may choose to register their domains through resellers who are associated or under contract with registrars. These resellers often offer other services such as web hosting and email. Although resellers are not ICANN accredited, the registrar for whom they are re-selling will remain accountable for any domain name sold.

Registries have the responsibility of maintaining the registry for each top level domain, .com, .net, .org etc. This includes accepting requests for registrations, keeping a database of the domain name registration data and providing name servers giving the location of the domain names throughout the Internet. Registry operators keep a reliable and trustworthy master database for all top-level domain name registrations.

Who Keeps WHOIS Accurate?

ICANN requires that all WHOIS information be accurate for the life of the domain registration period. Prior to 2013, registrars were not required to be proactive and verify or validate the information provided by domain name registrants. Now, under the 2013 Registrar Accreditation Agreement (RAA), registrars must notify registrants annually of updating their WHOIS information, which plays an essential part in ensuring the database is accurately maintained.

With the millions of domains being registered each month and the millions already on the internet, Domain Name Stat has an abundance of information related to domain names and data stored in the WHOIS database. The in-depth analysis is designed to allow you to glean everything you may need to know about domain names.

Domain names are an important way to establish a unique identity, to assign names to numerically addressed Internet resources, and to make network moves possible (globally or locally via an intranet). A lot has changed since 1985, when the first domain Symbolics.com was registered, up until now that we have over 350 million domains in existence! Back then, what most consumers and businesses encountered were a small number of standard Top Level Domains (TLDs), such as .com, .net, .edu and .gov, as well as some country code domains like .fr (France), and .jp (Japan). In 2014, ICANN, the organization primarily behind the governance of the Internet, opened up the world to massive amounts of new gTLDs in response to requests from advertisers and domain speculators. With the explosion of new neighbourhoods on the web and the increasing adoption of the internet and smartphones, businesses and individuals rushed to secure their online identity. While these domains help us to share information, communicate, conduct business, entertain etc, they’re also susceptible to abuse by scammers and hackers seeking to profit from the same.

Some common abuses hurled by malicious entities are:

• Phishing: Domain names that support web pages which masquerade as a trustworthy entity such as a bank or online merchant, but are designed to “phish” for information or install malicious code.
• Malware: Domain names that facilitate the hosting and/or spreading of hostile or intrusive software that installs on end systems without the permission of the user. They can damage a system, steal data, or perform malicious activities on another computer.
• Botnet command-and-control: Domain names aiming to identify hosts that control botnets, which are collections of malware-infected computers that can be used to perpetrate various abusive activities such as denial of service, spam, etc.
• Spam: Domains that are advertised in unsolicited bulk email or used to name spam mail exchange systems. The term spam no longer describes only unsolicited bulk email but has become a major means of delivery for identifiers (domain names, hyperlinks, or addresses) used to support numerous security threats.
• Browser exploits: Attacks and malware that take advantage of vulnerable software.
• Risky affiliations: Sites with links that take the user to a malicious site and sites that have suspicious associations, such as their site ownership, registration, or hosting service.

In the past 5 years, Malware has increased twofold!

This year, even more websites are going to contain malicious codes that steal passwords and identity information, take advantage of browser loopholes, disseminate malware, facilitate command and control (CandC) communications, send spam messages, host scam and phishing web pages, thereby causing a huge amount of loss to businesses as well as to individuals.

.com being the most popular and highly used TLD amounting to 43.57% of all existing TLDs, is obviously also a favourite for bad actors.

Some factors that affect how criminals pick a TLD:

• Lower Price — Cyber criminals prefer registrars with inexpensive registrations, volume discounts, and refund policies.
• Lack of Regulation — Cyber criminals prefer registrars with a no-questions-asked registration. The less information a scammer needs to provide, the better. Similarly, scammers prefer those registrars who act slowly, if at all, when notified of malicious domains.
• Ease of Registration — Cyber criminals prefer registrars that allow them to register in bulk. This is especially true of phishers and spammers who need large volumes of sites to offset a high rate of take-downs by TLD managers.

With ICANN opening up the world to new gTLDs beyond the 22 in 2014, the newer TLDs are popular among spammers and scammers alike because of their easy availability and low prices. At present, we have over 1,500 TLD’s; as the number of TLDs has increased, so have the opportunities for attackers.

.loan TLD at present has 91.1% domains tied to spam or malware dissemination (or both).

In order to keep up to date about domain name registrations across TLDs, security analysts can opt for Customized Reports on TLDs to help them analyse and prevent malicious entities before the damage is done!

Organizations and consumers can minimize their risks against bad TLDs:

• Businesses should consider blocking traffic that leads to risky TLDs. The blocking of all TLDs is obviously not the answer, but there may not be a justifiable business reason for your team to be browsing/accessing .party and .sex related sites. Block and filter where required.
• Misspelled domain names or popularly known online services containing domain ending with any of the above bad TLDs should also raise a red flag.
• Individuals should use caution to click on any links that contain dangerous TLDs if they encounter them in search results, e-mail, or social network environments.
• When dealing with a message from unknown entities, always hover the mouse over a link to help verify that it leads to the address displayed in the text of the link and don’t misdirect you.
• There is a big risk in using free hosting services, hence keeping away from them would be advisable.
• When choosing your domain name, watch out for what kind of domain extension you choose, and ensure you register it with a reputable domain name registrar. Avoid bad neighbourhoods to maintain your online reputation so as to not be blacklisted.

Did you know that something as little as a weather forecast calculation can accumulate data sets reaching the size of petabytes?

For those who haven’t heard the term ‘petabyte’ before, it’s a unit equivalent to a million gigabytes of storage space. The good news is that we have systems in place today that can process big data and internet statistics and convert them into details an average human being could understand.

Shifting to the business of domains, the continuously growing data on registered addresses worldwide can also reach big data status. But after these numbers are processed and turned into accessible domain name statistics, they become highly valuable in various business cases.

A domainer, for example, might monitor international trends on the buying and selling of domain names which can help with business decisions and domain appraisals. Branding agents can use detailed domain registration stats to check which domain registrar would give the most positive impact. Marketing research teams can learn about gaps in their business that need attention. And IT personnel can identify and prepare for new threats in the online world.

Such activities are possible because the processed domain information can be obtained through API access — an interface offering seamless access to relevant data. Let’s take a closer look.

What Data Is Included in the API Access?

API access provides comprehensive information for the benefit of other programs and applications. The data on domain names are broken down into the following feeds: by TLD, by TLD type, by registrar, by country of the registrant. The service then allows users to process the numbers using their own analytics software to identify trends and make predictions.

Here are the types of data you can get about domains:

By TLD

Top-Level Domains or TLDs are the domains at the highest level of the hierarchy.

As part of their proprietary systems or third-party applications in use, API access allows users to view the number of registered domains in a specific TLD, learn how many registrars are working with the current TLD and how many domains are signed with DNSSEC (Domain Name System Security Extensions) — verifying that users are communicating with the correct websites or applications.

It is also possible to check the number of upcoming deletes — i.e., how many domains will be suspended soon.

By TLD type

There are three top-level domain types: Generic, Country, and New.

• Generic TLDs are the primary generic top-level domains such as .com, .org, .net, .edu, .int, .gov, and .mil.
• Country TLDs are top-level domains that are often used or reserved for countries, sovereign states, or independent territories. The examples include .kr (South Korea), .uk (United Kingdom), .ro (Romania) and .eg (Egypt).
• new gTLDs are part of the 1,400 new extensions that were released to cover fields in technology, science, leisure, and more.

By registrar

Registrars are companies that are authorized by the Internet Corporation for Assigned Names and Numbers (ICANN) to sell domain names. Top registrars, the number of TLDs that the registrar works with, the number of registered domains, global market shares, and registered IDs assigned by ICANN are the statistics you can find in this feed.

By country of the registrant

A registrant is an individual or an organization that has registered a specific domain name. The statistics to be expected here include the number of TLDs the country works with, domain name registrations by country, global market share, signed zones, and upcoming deletes.

What Are the Main Use Cases?

The statistics on domain names are beneficial in many ways. Besides allowing you0 to check the specific information on domains, they also provide exclusive insights into the data that would not otherwise be available elsewhere. Here are some situations where such statistics could come in handy:

Domainers and registrars research

As a registrar, wouldn’t it be great if you could check who your main competitors are and how they behave over time? The tools allow you to analyze statistics of domain names and registrars, investigate the penetration of certain registrars in the market, and so on.

Domainers could check out the dynamics of domain registrations in a given top-level domain and relate any trends to global business events that impact them.

Marketing research

Marketers could study which registrars are the most established and make an informed decision when choosing the right one for their needs. Also, knowing which domains are the most popular can give their organization insights into market trends.

Cybersecurity and IT research

Teams in charge of cybersecurity can tackle large-scale attacks and prepare for rising threats. For example, when studying domain statistics, you may observe a certain rise in a subset of newly-registered domains — potentially indicating suspicious activities in that area. It is also possible to analyze the overall cybersecurity landscape, for instance, by looking at how many domains are signed by DNSSEC and where the majority of them are located.

Scientific research

One of the things professionals can do is to prepare surveys, estimate business development in a given region, and study domain expansions across countries.

API access is a gateway to domain registration stats, which provides plenty of practical uses for individuals and organizations looking to get ahead. If you’re interested in learning more on how you can integrate these capabilities in your company, contact us today at service.desk@domainnamestat.com.

Who’s who in malicious activities?

The WHOIS query and response protocol can just be the right source for businesses to find out. The information has been around since the 80s, helping Internet operators identify entities or individuals responsible for operating an online network resource — including those with malicious motives.

Today, these same WHOIS records serve security providers and businesses to perform different verification functions. Domain Name Stat is a good example of a solution provider which gathers in-depth data on registered domains and allows users to access the information for various purposes through its WHOIS database download service.

Let’s take a look at some practical applications for these WHOIS databases.

Phishing Prevention

Phishing is the malicious practice of obtaining sensitive information from an individual or business entity by using infected websites and emails. It is a scam to trick people into handing over their usernames, passwords, and financial information.

Access to current WHOIS records enables users to determine whether someone is telling the truth about their business. Among other aspects, an entity that claims to have been around for several years but whose domain registration details reveal it to be only a few months old will raise questions about its trustworthiness.

Combating Online Fraud

Checking for inconsistencies in WHOIS records could help companies prevent huge losses from online fraud. For example, an entity claiming to be based in a certain country while WHOIS records show otherwise, could be an indication of someone trying to lure you into a fraudulent transaction.

Protection From Brand Infringement

In a competitive environment, many businesses would do anything to get ahead. In fact, malicious entities may register domain names similar to your brand in order to cause confusion among your customers.

Unfortunately, this problem continues to grow. A study by CompuMark reveals that about 80% of their C-level executive respondents claim to have experienced trademark infringement issues in 2017.

If you think a company is in violation of your rights to a trademark, you can double check with updated WHOIS databases and provide authorities with information about the infringers to address the issue immediately.

Safeguarding Business Reputation

Protecting your reputation, especially on the Web, is very important because having a good name is a requisite for success. Any associations with dubious entities or cybercriminals discovered by media or business partners can negatively impact organizations. One of the ways this could happen is by linking companies with previous domain owners involved in malicious activities.

Access to a reliable WHOIS database gives you the opportunity to avoid harmful consequences. WHOIS records allow identifying domain owners to take a look at their track records, as well as to ascertain if a domain has been used for shady activities or if it has gained a negative reputation.

Enforcing Cybersecurity

An FBI crime report claims that more than $600 million has been lost in the US in 2017 due to business and personal emails being compromised. Analyzing WHOIS records are crucial in combating these and other fraudulent activities on the Web.

For example, you can keep track of domain names and email addresses that are used by perpetrators for malicious purposes and compile a list of accounts under them, based on similar registrant data. It would then be possible to block these pre-emptively to prevent further attacks and improve cybersecurity.

Domain Branding

When you’re planning to launch a new product or service and have a list of names that you’re trying to choose from, access to WHOIS records will let you find out whether a specific domain name has already been registered. You can also learn who the previous owners were and verify the integrity of the name itself before you proceed.

Market Research

Wondering what your competition is up to? A WHOIS database download will enable you to check their recently registered domain names and help anticipate the newest products or strategies that are likely to be introduced. Knowing which markets your competition intends to get a foothold on will allow you to devise a countermove.

Economic Research

Access to a WHOIS database enables companies to develop their own techniques for extracting useful information about their business metrics. WHOIS registration data allows economists to perform data mining techniques such as machine learning, graph-theoretic approaches, and heuristics, to name a few.

Law Enforcement

The public records from WHOIS databases make it easier for the authorities to gather evidence and prepare legal cases against individuals or entities performing malicious activities online. They also expedite the location and apprehension of guilty parties, thanks to readily available registrant data.

There are many practical applications of WHOIS database download today. From improving a company’s cybersecurity to getting protection from brand infringement, in-house access to large quantities of WHOIS records allows entities to remain transparent and keep abreast of their competition.

If you’re looking to benefit from a solid WHOIS database for your organization, feel free to contact us at service.desk@domainnamestat.com.

The Internet is a vast cyber landscape

And it’s growing by leaps and bounds every single day.

While this is often a good thing, it can also make it very difficult for those of us who are interested in learning more about specific domains. Often, simply using the website’s “Contact Us” form doesn’t elicit a response from the owner, so we’re left in the dark.

This can be extremely frustrating if you have a pressing issue that demands the domain owner’s immediate attention.

Fortunately, this is exactly why the WHOIS database exists.

What is the WHOIS Database?

Despite how it looks, WHOIS actually isn’t an acronym. Instead, it represents one of the database’s major purpose: telling people who is the owner of a domain or IP address.

The name itself is almost as old as the protocol, which dates all the way back to the 80s. WHOIS was first mentioned in RFC 812, coined by Ken Harrenstien and Vic White in 1982. It was updated in RFC 954, just three years later.

Since its inception, countless people, companies, and government organizations have registered domain names for websites. Nowadays, they may use companies like GoDaddy, Tucows Domain, Namecheap, or any of a number of other domain registrars.

In order to register a domain, the interested party must provide some forms of identifiable information. These usually include their:

• Name
• Address
• Email Address
• Phone Number
• Administrative/Technical Contact Information

This information is often collectively referred to as the domain’s WHOIS data. So, in fact, WHOIS databases do more than just answer “Who is the owner?” It provides other relevant details about that owner, too.

Registrars and ICANN Accreditation

There is no single, centrally-operated WHOIS database where all this information is housed.

Instead, independent entities – called “registries” or “registrars” – manage this important data.

In order to become a registrar, these companies need to first earn ICANN accreditation.

ICANN (Internet Corporation for Assigned Names and Numbers) is a nonprofit organization that’s in charge of maintaining timely, unrestricted access to this information to the public. They are also responsible for ensuring the information they house is accurate and up-to-date.

Therefore, anyone can leverage the WHOIS protocol to look up domain name registrants in the WHOIS database. The whole point of this protocol is to provide free access to the public and do it in a standardized way across all domains.

ICANN is the perfect organization to head this up. Among many other things, ICANN oversees the technical maintenance required by the Central Internet Address pools, as well as DNS root zone registries.

11 Common Reasons for Doing a WHOIS Lookup

So, the WHOIS directory is a lot like a Yellow Pages for different domains. It provides contact information for the domains of different companies and individuals.

Still, that only scratches the surface of what this directory can be used for.

There are actually a number of reasons people and organizations access WHOIS directories all the time.

Here are 11 of the most common ones:

• To find out if a certain domain is available or not
• In order to contact the network administrators to resolve a technical matter related to a domain name’s associated networks
• To diagnose registration problems – WHOIS queries retrieve data that can be helpful for resolving an issue with registration ownership, like the identity of a registrar or creation and expiration dates
• To find the identity, contact information, or business location of an online business, organization or merchant
• To connect an organization, company, or individual to a domain name and find which party is operating a web service connected to that domain name (whether for commercial reasons or other purposes)
• To get in contact with a domain name registrant in order to discuss a secondary-market transaction involving that domain
• To contact the domain name registrant and advise them on their obligation to maintaining accurate registrant information
• To contact the domain name registration about issues related to protecting and/or enforcing intellectual property rights
• To establish or investigate an identity as part of an incident response following an illegal cyberattack (this is often why law enforcement agencies use WHOIS – to identify a domain name’s points of contact)
• To find email addresses related to investigative leads in order to identify alleged perpetrators of a crime and/or their address (again, this is another reason law enforcement agencies use WHOIS)
• To research websites advertised by spam (law enforcement).

Some people even do an entire WHOIS database download – securing hundreds of millions of domain name statistics and other relevant information. This gives them access to all of this helpful information at a moment’s notice.

What WHOIS Cannot Be Used For

One activity you absolutely cannot use WHOIS for is for marketing or spam purposes. ICANN is explicit about this. Anyone who breaks this rule could be prosecuted.

Of course, following through with prosecution is often easier said than done.

As Victor Algaze found out, plenty of people and companies are willing to overlook these penalties and contact people who leave their information public. It turns out that enforcing these laws is actually very difficult. Algaze wanted to see what would happen if “his information” was available to the public through a directory (he provided fake data), so he registered a domain and left this information available to the public. It didn’t take long before all kinds of businesses were contacting him, offering their services.

Note: When registering a domain, you have to provide accurate contact information. Otherwise, you, too, could face penalties.

This onslaught of messages from businesses is why most registrants offer a cloaking service (or include it) to their clients that will keep their information safe.

Domain Privacy and the WHOIS Database

That brings us to one of the most common topics associated with WHOIS directories, which is that of security.

If you’ve never registered a domain before, this subject is of critical importance. Those who don’t understand it risk making an extremely costly mistake – attracting all kinds of unwanted attention from every corner of the World Wide Web. Among others, this commonly includes spammers and identity thieves.

Remember, Alvarez used fake information. So, once his experiment was over, he was safe again. If you make the mistake of allowing the public to offer your data, it might be very difficult to put that genie back in the bottle.

To make matters worse, there are even some services out there that identify when new domains are registered and then disseminate this information to their clients, who immediately begin contacting these individuals and companies – again, despite the aforementioned penalties.

How to Keep Yourself Safe

Fortunately, as we touched on earlier, you don’t have to be a victim just because you want a website.

Instead, you just need to leverage a WHOIS privacy service that will actually treat the registrar into a sort-of proxy for you. So, the WHOIS directory will actually display the registrar’s contact information, keeping yours safe from undesirable eyes.

Again, most registrars now offer some kind of service like this. For example, GoDaddy refers to it as their Private Registration service. They’re far from the only ones, though.

Ideally, you want to implement this defense before you register your domain. This will keep your information from ever entering a WHOIS directory or being indexed by Google and other search engines.

Still, if you don’t already have this service in place, it’s never too late. Contact your registrant or switch to one that offers this kind of protection.

How to Contact Someone with Proxy Information

Recall from earlier that one of the main reasons people use WHOIS directories is because they are interested in buying a domain. They’ve found one they like, but just like with buying a house or building, they need to get in contact with the owner to negotiate.

Unlike with a house or building, it’s not always easy to do this with a domain.

That’s where the WHOIS database is extremely helpful.

However, as we just covered, the contact information often lists a proxy – not the actual owner. In that case, you need to contact the registrar – which will be listed in the directory. A lot of times, you can simply enter the domain you want into their “domain checker” tool and, upon discovering it’s taken, they’ll offer you the option to contact the owner on your behalf.

Interested in Conducting a WHOIS Lookup?

If you’re in the market for one of the common purposes people use the WHOIS directory that we mentioned above, you’ve come to the right place.

In fact, Domain Name Stat does more than just offer you access to this powerful directory. You can also use our site for domain stats and even leverage our Internet statistic API if you have especially unique purposes.

We also break down each Internet statistic point by:

• TLD
• TLD Type
• Registrar
• Country of the Registrant

We also offer custom reports.

If you need anything else or have any questions about our services, our team is here to help and will respond within 24 hours.

Domain names are the foundations on which the Internet was built. In 1985, there were just six of them in the entire world, the first one being Massachusetts-based Symbolics.com.

Apparently, a data lake of 5 billion top-level domains (TLDs) might seem like a wasteland, but for entrepreneurs, domain flippers, private detectives and members of law enforcement, the uses of WHOIS database download are legion.

Of those 5 billion historical registered domains, about 300 million are currently active, comprised of nearly 3,000 TLDs and country code (cc) TLDs.

For entrepreneurs, the WHOIS database downloads offers unparalleled analytics in terms of:

• Registration dates
• Expiration dates
• Similar TLDs
• Duplicate TLDs
• Copycat TLDs

Not only are these valuable tools for finding the perfect fit for your emerging or established business, but they are critical for marketing purposes and brand protection. If you are in the process of acquiring a domain, a website like Domain Name Stat can act as your guide for checking the domain name’s history and information on the registrant. Consider it your equivalent of a service like Carfax for domains, giving you extra insight into where the domain has been and who has owned it.

However, WHOIS database downloads are not limited to entrepreneurs and domain traders. When law enforcement or private investigators look into unlawful online activities, being able to piece together the strands connecting IP addresses, websites, and domains is invaluable to investigations and eventual prosecutions.

It is hard to obtain WHOIS data directly. The WHOIS protocol itself, as defined by RFC 3912 is rather archaic and has its limitations. For instance, it provides data in a not very strictly defined textual form. There were several proposals to overcome this issue by replacing WHOIS with a newer protocol to provide structured data (e.g. RDAP), but none of them has taken off so far. Hence, even to obtain WHOIS data in a structured from which does not need further parsing, one has to rely on services providing appropriate APIs.

Another issue with WHOIS is that even though it is an open, distributed database, the operators of WHOIS servers have a big freedom in introducing limitations on the amount or frequency of queries. If you just need the data of a few domains occasionally, there is no problem. However, if you need many of these data within a short period, you quickly run into these limitations. Again, the use of some API can be a solution. In some cases, however, it is a tempting idea to have your own database with the WHOIS data so that you do not rely on the API provider at all.

There are situations, however, when you need a large, possibly full and complete set of WHOIS data. Any kind of complex research for trends or structures in registrations, no matter if it is for marketing purposes, domaining purposes, IT security or legal investigation, or even fundamental research is typically a big data research tasks with WHOIS data as input. And this frequently includes also historic data which are not at all available by default in the WHOIS system.

In several applications various statistics of domain registrations are sufficient to obtain the relevant information. These are also provided at domainnamestat.com, optionally even in the form of custom reports. But what if you have a particular, more sophisticated research goal which needs special tools to process the data. You may want to use some more sophisticated big data tool (such as solr or ElasticSearch), or some custom piece of analytical software to find the information you really need. There is no other option here: you need a complete set of WHOIS data, possibly including the historic part, available locally on your infrastructure.

DomainNameStat.com is there to provide you with these data. We have been specialized in collecting and normalizing WHOIS data for several years. This activity requires a tremendous infrastructure as well as special expertise and development of custom software for WHOIS data collection and parsing. Many data sources have to be addressed, including WHOIS servers, proxies, zone files, DNS sensor networks, etc.

As a result, we can provide complete and structured WHOIS databases including historic data for downloading. Using our download services you can find the data you need. The data sets are organized along various aspects to meet your requirements. The level of details range from listings of newly registered or dropped domains to fully detailed WHOIS information. The data are available for generic top level domains as well as country code top level domains, possibly categorized by registrant countries. We release quarterly WHOIS databases as well as daily updates.

You can also choose from different formats of data. We provide MySQL dumps as this popular relational database management system is used quite prevalently. The simplest and most portable format, however, is csv (comma separated values). These files can be processed directly and imported by virtually any database management system or big data tool, including ElasticSearch or solr.

The data can be downloaded via web access or ftp protocol. Naturally, we provide detailed documentation for the data and client-side scripts in support of downloading the data, loading them into databases, etc. We have numerous clients worldwide, ranging from independent IT security investigators through scientific research groups to big companies, who have used our data successfully in many of the aforementioned applications. So if you are in the need of bulk WHOIS data, you may also become one of them.

The amount of data that can be possibly generated, collected or processed with computers is well beyond our imagination. In high-performance computing applications, such as, e.g. in weather forecast calculations, the size of data sets is of order of petabytes. But what are we interested in, after all, when looking at a weather forecast? A few lines of information describing what the weather will be like in the next few days. Or, maybe, a weather map which is a file still not bigger than an average family photo. This illustrates that in many cases we need a huge amount of data, but the data size of the real information we need to get out of it is really small. Of course it does not mean that we do not in fact get very much information from this small-sized result dataset.

In the domain business, the data available on domain registrations, when considered globally and, especially, in time, can also reach at the domain of big data. But do you need all these data? Frequently the answer is no.

A domainer buying and selling domain names, for instance, can be interested in global trends to make well established business decisions or for domain appraisal. For instance, characterize the dynamics of domain registrations in a given top-level domain or country. Investigate the penetration of certain registrars on the market. Relate domain registration trends to global business events affecting them. Analyze statistics of domain names and registrars. And many more interesting questions can be posed which can all be answered by processing an enormous dataset, yet resulting in a few numbers or data records, which are, on the other hand, extremely informative.

And these questions are not only relevant for domainers. They bear importance in marketing research, branding, IT security, and even in scientific research. Which registrar to choose in order to establish a well-established brand? As a registrar, who are the main competitors and how does the competition behave in time? Are there any business gaps worth filling? Is there a new large-scale threat preparing? This can possibly be predicted, e.g. from the behavior of domain registrations as phishing attacks require a significant amount of short-lived domains. The entrepreneurship of a country or a region is also reflected in the behavior of domain registrations. Altogether it is apparent that cumulative data of domain names can be very useful.

But in order to obtain this information, a huge amount of data has to be collected and processed, which is an activity facing many obstacles. To name the most relevant ones:

• To process big data, you need a significant hardware infrastructure. The amount of global domain registration data is of order of several terabytes even in the case of a snapshot, not to speak about storing and processing historic data. You need a lot of powerful computers to do this, which is a significant investment and the operation costs are also not negligible.
• Obtaining and processing domain data, e.g. from the WHOIS or DNS ecosystem requires a significant know-how. You have to either hire experts or do a lot of custom software development in a rather special domain.
• You will run into a lot of technical and legal obstacles. For instance, WHOIS is one of the primary sources of domain data. It is a global distributed database, and many operators of WHOIS servers pose limitations of the amount of WHOIS queries that can be performed in a given time period. As domain data typically contain personal or company data, when collecting and processing them, you need to respect data protection regulations which can be very complex as they can differ for countries, TLDs, etc.

And even if you overcome these difficulties, from the point of view of information you make several efforts in vain. In many cases, for instance, you are not at all interested in individual domains, nor the personal or company data involved in the detailed datasets, which can generate a lot of legal issues (just consider the dramatic consequences of the European Union’s new General Data Protection Regulations). Many global trends can be well identified without this sensitive information.

How much easier life would be, if you could obtain just the very information you need…

The solution: domainnamestat.com

So it is time now to take a look at domainnamestat.com, the page where you probably have found this blog. If you take a look, it is likely that you find a lot of information you need, for free. There are domain registration statistics broken down for countries, top-level-domains, registrars, etc. The data are available from 2015 on, with a monthly resolution.

How is this possible? Domain Name Stat, LLC is a well-established company specialized in collecting and processing domain data with several years of experience. We have everything needed for producing accurate domain statistics and other cumulative data:

• Detailed and complete domain data (WHOIS databases, DNS zone files, etc., which can also be purchased if you are really in the need of detailed data),
• Proper infrastructure to collect, maintain and provide these datasets, and
• High level of expertise in collecting, processing, and analyzing these data.

Hence, we are in the position to provide this information with high reliability, for free. In addition, there are no sensitive data involved on individual registrants. Just the statistics you need.

So maybe you have found the data important for you on this webpage. But what if you need them in a programmed environment, e.g. for processing with your own analytics software. The good news is that you do not need to implement a scraper for the page. The data are also available through RESTful APIs.

And what if you need statistics in a different structure, or with a different resolution, etc. In addition to the data you can find easily at domainnamestat.com, we also offer the generation of custom reports based on the detailed and complete databases behind.

If you are interested in the API or some custom reports, please do not hesitate to contact us at service.desk@domainnamestat.com.