Skyislimit
Established Member
- Impact
- 3
This field touches on OSINT and threat intelligence. Not only whois info is looked at, but also all kinds of other patterns such as unique (verification) TXT records, MX records, unique SPF records, unique verification name servers, TLS info, old whois info, name server changes that occur simultaneously, concurrent domain registrations, hosting IPs, shared registrars, Adsense IDs, social media accounts, and many, many other variables. Suppose you have 1 ccTLD domain in your portfolio for which whois privacy does not apply, then this can immediately reveal information in the larger dataset about all other domains in your portfolio for which privacy is enabled. Another example could be that you briefly remove the privacy of a domain to make a domain transfer possible / easier. Publishing your domain sales can also help with information gathering, even retrospectively.Do reverse whois searches still work since privacy came in?
Thanks for the reply it makes a lot of sense.This field touches on OSINT and threat intelligence. Not only whois info is looked at, but also all kinds of other patterns such as unique (verification) TXT records, MX records, unique SPF records, unique verification name servers, TLS info, old whois info, name server changes that occur simultaneously, concurrent domain registrations, hosting IPs, shared registrars, Adsense IDs, social media accounts, and many, many other variables. Suppose you have 1 ccTLD domain in your portfolio for which whois privacy does not apply, then this can immediately reveal information in the larger dataset about all other domains in your portfolio for which privacy is enabled. Another example could be that you briefly remove the privacy of a domain to make a domain transfer possible / easier. Publishing your domain sales can also help with information gathering, even retrospectively.
Does contact info get recorded even if all happens in minutes?Another example could be that you briefly remove the privacy of a domain to make a domain transfer possible / easier.
Not by every partyDoes contact info get recorded even if all happens in minutes?
I've just found out another reason why I don't like GD as registrarNot by every party