Among the (very) long list of projects that we’d love to work on here at DomainTools is to extend the DailyChanges data beyond the 6 core gTLDs that it currently supports. People who follow DomainTools closely know that we have made significant investments in ccTLD domain discovery resources. Non-zoned TLDs, which includes pretty much all ccTLDs, present a challenge for mapping the domain graph. Yet new domain discovery is critical, especially in the arenas of network security and brand protection.
Behind the scenes we have been building technology to track ccTLD ‘zones’, and this is the technology that one day will allow us to extend the DailyChanges domain+namerserver data out to hundreds of TLDs. Recently, we’ve seen some odd volatility in the .cn zone, so we thought we’d point out one instance.
Various data sources put the .cn zone size at about 7.8 million domains as of June 2013. According to our internal systems, between Sep 19th and Sept 25th, we saw 480,203 domains ‘drop’ from the .cn zone, all configured to use either ns1.do94.cn & ns2.do94.cn or ns1.ee28.cn & ns2.ee28.cn nameservers. We’ve long suspected these nameservers to be used in some sort of speculative/domain tasting activity.
We already saw a similar drop of 180,000 domains between Sept 6th and Sept 10th which showed up in the .CN drop list on the 22nd and 25th. Since the pendingDelete cycle for .cn is 15 days, we expect to see the over 480,000 domains drop in that droplist sometime between Oct 4th and Oct 10th.
So over 7 days, the .cn zone lost at least 6.2% of the domains in the zone, all from 2 very large nameservers. That’s an enormous change. Can you imagine .com losing 6% of domains in one week?
Below are some example domains from the two nameservers. All the domains are in pendingDelete and inactive status.
The tasting pattern is pretty obvious if you analyze domains on these nameservers. And as an interesting side note, most of them use ‘firstname.lastname@example.org’ as their whois email. There are over 2.5 million domains with that ‘privacy service’ email. Pretty much all of them are the the registrar Dnbiz Limited in China.
Category: Domain Tools Updates