Partners With DomainTools To “Identify Serial Cybersquatters”

According to a press release out today,, a “researcher and developer of cybercrime solutions to protect brands and IP assets, today announced the launch of its Serial Cybersquatter Detector (SCD) Network powered by DomainTools®

The SCD Network “instantaneously identifies both the serial cybersquatters exploiting its members’ trademarks, as well as the opportunities to either initiate or join class complaints through the platform.”

“Members thereby reduce their Uniform Domain-Name Dispute-Resolution Policy (UDRP) costs, reclaiming infringing domain names or unmasking the identities of those hiding behind abusive Whois privacy and proxy registrations”

DomainTools powers the SCD Network by supplying the service with up-to-date, accurate information of domain name ownership and typo-squatting variations, as well as monitoring and tracking changes in status of identified targets.

“By leveraging the DomainTools’ API suite and integrating it into their system, the SCD Network provides a turnkey solution for brand owners to significantly reduce their UDRP costs and level the playing field against abusive Whois privacy and proxy registrations.”

Jonathan Matkowsky,  the Founder and CEO of is the former legal director of global brand protection for Yahoo! Inc. and chief IP counsel for Las Vegas Sands.

Personally I would like to see the program in action.

I’m concerned about any system that attempts to “instantaneously” come to any conclusions based on  using pure data.

Think about Estibot type of system that attempts to value domain names on the fly, attempting to identify Serial Cybersquatters without anyone eyeballing the results.

For one what makes someone a Serial Cybersquatters?

3 UDRP loses, or 10 or  100?

Or is it just the amount of complaints?

I’m going to reach out and try to get more information on this but at first blush its seems it could spell trouble and identify people as Serial Cybersquatters in their eyes which are not in domain holders eyes.


ThreatConnect Partners With DomainTools & Farsight Security

According to a press release just out, Cyber Squared Inc. which owns ThreatConnect™, a leading threat intelligence platform, entered into a partnership with DomainTools and Farsight Security, Inc. to provide ThreatConnect users with the industry’s most powerful domain and passive DNS intelligence.

“We know that the most sophisticated and mature organizations are using our data to assess network-counterparty configuration history and associated risk, and to amplify the value of their threat intelligence data. Working with ThreatConnect means that over 2,000 global users are now able to take advantage of our services.”

Using DomainTools’ branded Reverse Whois and Registrant Alert services in ThreatConnect’s Track feature, ThreatConnect customers are able to research malicious domain registrants from the industry’s longest running and most comprehensive searchable database of domain name registration and hosting data.

With Farsight Security’s passive DNS (pDNS), the de-facto market-leading source for commercial pDNS data, analysts can pivot within ThreatConnect to discover new network indicators related to the threats they are most concerned about, providing custom context and the most relevant threat intelligence data.

DomainTools and Farsight Security data services together within ThreatConnect offer users the best DNS based threat intelligence capability on the market.

“We are continuing to expand our data services and to build an integrated platform for threat intelligence that is relevant to our customers,” said Cyber Squared CEO Adam Vincent. “Our customers are the biggest organizations out there, and they need an enterprise-level, best-in-class solution to get the most accurate and up-to-date information on Whois, DNS, and pDNS data. Whether they are investigating malware, a spear-phishing incident, DDOS, or another kind of theft or fraud, ThreatConnect is made stronger through partnerships with services from such leading organizations as DomainTools and Farsight Security.”

ThreatConnect enables analysts to engage in predictive network defense by allowing them to grow their knowledge of threats, discover new indicators, and make associations to adversaries that pose a risk to their networks. A platform such as ThreatConnect allows users to aggregate their data, then analyze it using crowd-sourced intelligence coupled with the ability to search through resources like Farsight Security’s DNSDB and DomainTools’ Reverse Whois and Registrant Alert services, resulting in an extremely powerful platform with capabilities no other company is offering today.

“Passive DNS data has become a must-have for comprehensive DNS research and effective network security forensics,” said Bert Lathrop, Chief Operating Officer of Farsight Security, Inc. “We know that the most sophisticated and mature organizations are using our data to assess network-counterparty configuration history and associated risk, and to amplify the value of their threat intelligence data. Working with ThreatConnect means that over 2,000 global users are now able to take advantage of our services.”

DomainTools data is immediately available to ThreatConnect subscribers through the Track feature.

Farsight Security’s pDNS service is available in Beta now and will be available to all ThreatConnect subscribers in mid-Q2.

Results from both DomainTools Reverse Whois and Registrant Alerts as well as Farsight Security pDNS are available to be chosen as Indicators and associated with tracked Threats or Adversaries within ThreatConnect.

For more information on ThreatConnect, please visit: For more information on DomainTools, please visit: For more information on Farsight Security, Inc., please visit:

“Largest Domain Name Sales Database Ever Built” Launches WIth Over 315K Domains & $1,135,277,224 In Sales

According to a press release we received today the biggest domain name sales database ever built just just rolled out.

The database is at

“”Currently the database has 315,461 domain name sale records totaling $1,135,277,224.00.

Not only you can lookup historic sales, the site also offers amazing stats section where you can fish for tons of interesting information.

Let’s have a quick look on it from different angles.

1. TLDs

While .COM is still the king with more than half of the sales (this correlates with the number of domain names) other extensions are doing surprisingly well.

For instance .ME, #9, topping even .tv and .co.

2. Brokers

Here we can narrow down the whole industry to five big players (Sedo, Moniker + SnapNames, GoDaddy+AfterNIC, TDNAM, NameJet, DomainNameSales), than another few dozens of boutiques.

3. Time

We can observe that overall average domain name prices are falling in the last few years. Especially those for .COM. And then, this year it started to improve.

4. Length

Interestingly, average prices for LLLLL names are higher than those for LLLL and LLL names.

Average historic price for five letter domain names (LLLLL.***)  is $6,060.81.

That for LLLL is $3,641.76.

And that for LLL is $5,653.34.

It looks like names that are too short but not ultra short (two characters) have somewhat less value than those of five characters.

A paradox that intuitively I am still struggling to explain.

Can you?

The longest known domain name sold is a.k.a. private-krankenversicherung-für-selbstä

Well done Sedo!””

The database is available and accessible for free as of now.

Of course only publicly reported sales are included, which probably account for most of site developers issues regarding difference is longer domains selling for more on average than shorter domains.

Architelos Publishes The Second Installment of the NameSentry Namespace Quality Report

Architelos, Inc. announced today the publication of the second installment of the NameSentry Namespace Quality Report.

The report benchmarks the comparative safety of the Internet and its largest Top Level Domains (TLDs) by measuring by the prevalence of security threats such as malware, phishing, botnets, and spam.

The findings indicate a 67% increase of domain names identified and listed as “abusive” by major blocklists from January to September 2013, and that at least 5.5% of newly registered domain names are being used to perpetrate security threats.

“The increase in abusive use of domains is a challenge for the security and domain industries, and for the general Internet-using population.”

Report Finds Increase of “Abusive Domains” and Potential Lessons for New gTLDs

The findings indicate 67% increase of domain names identified and listed as “abusive” by major security blocklists from January to September 2013.

These respected blocklists are used to protect Internet users by blocking malware, phishing, dangerous spam, and other threats.

The majority of the domains on these blocklists were registered for the purpose of perpetrating abuse, with a small minority consisting of domains that were compromised by bad actors. From January to September of 2013, an estimated 5.5% of newly registered domains were listed. “This underscores prevalent practice of bad actors to use domain names for perpetrating security threats and then quickly moving to new ones,” said John Matson, COO of Architelos. “The increase in abusive use of domains is a challenge for the security and domain industries, and for the general Internet-using population.”

The first NameSentry Report covered January to May 2013, was released in July and pioneered the concept of the Namespace Quality Index (NQI).

NQI measures the relative concentration of abusive domain names in any given namespace, thus providing a comparative measure of safety.

Specifically, the NQI measures the “number of reported abusive domain names/million Domains Under Management (DUM).” Taking a snapshot in May and then again in September, of the 15 TLDs with NQI ratings of “Excellent/Green” in the May, only 6% or four TLDs sustained their ranking by September, while the rest slipped to “Good/Yellow.”

This demonstrates the challenge TLDs face to achieve and maintain an “Excellent/Green” rating. The number of “Good/Yellow” rated TLDs increased from 36 in number in May to 45 total in September and represented 63% or the majority of the 72 TLD studied. The number of “Caution/Orange”-rated TLDs increased slightly in number from 14 in May to 15 total in September; and the number of at “Risk/Red” rated TLDs increased slightly from 7 in May to 8 in September comprising 11% of all measured TLDs.

Starting now and continuing through next year and beyond, more than 1,000 new gTLDs will be added to the Internet root. Architelos’ goal in publishing the NQI data and the resulting analytical findings, is to bring greater transparency to the domain name industry and the Internet in general, regarding the prevalence of security threats such as malware, phishing, botnets and spam which start with a domain name registration and depend on that domain name to perpetrate their harm. “We hope greater transparency will encourage debate and open dialogue to leverage collective wisdom on best practices to combat abuse,” said Alexa Raad, CEO of Architelos.

The NameSentry Namespace Quality Report is available for download at Rolls Out Redesigned Site

A reader noticed that has undergone a pretty dramatic designed home page today.

The home page has a much more modern look and feel.

Interestedly which seemed to start out as a product geared towards the domainer community is now highlighting the usefulness of the site as a tool for Law Enforcement and Brand Protection Companies.

According to Tim Chen of, the general context of site resign is really the the homepage which was meant to:
-starting to focus on our buying segments, rather than being what many people think of as a ‘collection of tools for domainers’

-to specifically add content for the enterprise buyers, who have been a fast-growing segment for us.   These are folks that need more than an individual membership (bulk data, custom parsing, group memberships, APIs, etc)

“It’s important to note that our domaining customers remain very important.  ”

“For them though, the DT homepage is not necessarily terribly relevant. ”

“We have a follow-on project to redesign this page: to better service our important domaining clientele.  ”

Here are some pretty impressive numbers of records that are on the front page of the site now:


3.8 BILLION  IP address change events
7.1 BILLION  whois records
2.5 BILLION  name server change events
1.4 BILLION  registrar change events