After analyzing 21+ million newly registered domains (NRDs) added from 1 January to 31 March 2024, our researchers found that the new domain registration volume declined by about 32% from the previous quarter.
These NRDs were gleaned from the Newly Registered Domains Data Feeds, further revealing the following insights:
- The TLD type distribution of the Q1-registered domains
- The most used generic top-level domain (gTLD) and country-code TLD (ccTLD) extensions
- The most popular registrars
- The most used gTLDs and ccTLDs among the malicious domains detected as indicators of compromise (IoCs) in Q1
An overview of the key insights from the report is presented below. You may also access the complete “Global Domain Activity Report: Q1 2024” here.
New Domain Registration Patterns
Domain activities offer a unique perspective on the health of the global digital market. A surge in registration often signifies growth in digitalization, with more businesses establishing their online presence. Conversely, a decline may suggest a slowdown in new business ventures. We can identify localized digital activity patterns by analyzing ccTLD data alongside these trends.
In Q1, we detected a decline in both gTLD and ccTLD domain registrations compared with Q4 2023. This decline was more pronounced for ccTLDs, which dropped by 42.7%. While the gTLD registrations also decreased, they did so to a lesser extent (28.7%).
After ranking the NRDs’ gTLD and ccTLD usage, we found that, as in the previous quarter, .shop and .store remained among the most popular. Our registrar distribution analysis continued to support this finding, with e-commerce hosting providers Squarespace and Alibaba among the top 10.
Analysis of Confirmed IoCs
Our report also delved into 3.2+ million unique domains flagged as IoCs in Q1 as seen in the Threat Intelligence Data Feeds. We then analyzed their TLD usage and found that popular TLDs like .com, .org, and .net were among the most used. The malicious domains were also seen sporting ccTLDs, including .ru and .cn.
It is also interesting to note that among the Q1 IoCs, some ccTLDs had a higher number of existing malicious domains compared with the number of new domains registered with the same extensions.
For instance, 24,437 .to domains were flagged as malicious in Q1, while only 714 sporting the same ccTLD were registered in the same period.
“Global Domain Activity Report: Q1 2024” delivers high-level DNS insights, revealing global domain registrant behaviors. This report empowers users to make data-driven decisions based on knowledge of domain activities, preferences, and usage patterns for business and cybersecurity purposes.
Don’t hesitate to download the full report or contact us for more information about accessing domain, DNS, and cyber threat intelligence for your organization.
Source: Original Post