ProxySG & Advanced Secure Gateway

A Look at .Pro, the Original Premium TLD 

08-09-2017 03:11 PM

[This is #21 in our on-going series on Shady TLDs. Links to the previous posts are found at the bottom of the page.]

 

A Bit of History...

Way back in the old days of the Web, when "all of the good domain names were taken" on .com, there was an initial expansion of new TLDs (including .info and .biz, which unfortunately ended up largely misused as junkyards for shady domains). One of the new TLDs in this group (back in 2004) was .Pro.

.Pro was conceived of as what would now be called a "Premium TLD" -- that is, a .pro domain would cost more than a domain on a normal TLD like .com, because it would carry a certain cachet that a normal .com (or .info, or .biz) domain would not. (I remember looking into .pro domains a decade or so ago, and pricing was several hundred US$ a year, or roughly ten times the going rate of a .com domain.)

.Pro domains were supposed to be reserved for "licensed professionals" (think doctors, lawyers, etc.). In fact, registrants were supposed to provide documentation about their licenses as part of the registration process. A few years later (2008), the list of eligible licensed professions was expanded (including Educators, Physical Therapists, CFAs, and many more).

 

In this early era of .Pro domains, I don't remember encountering very many shady sites; it certainly wasn't on our radar in the same way that .info and .biz were...

More recently (2015) however, .Pro dropped the "licensed professional" requirement, and I've seen .pro domains offered for less than $10 each. Consequently, as you might predict, this shift in .pro registrations is reflected in a higher rate of shady usage...

 

2017 Q2 Top Ten List

Because of .pro's interesting history, I had intended to profile it at some point. Especially when I saw it showing up fairly high in our "Shady TLD" list (it's currently at #40 as of the end of Q2, with 93.95% of its domains rated as shady in our main database.) That may sound like a lot (and it is), but it's not even close to cracking the Top Ten:

Rank TLD Percentage of Shady Domains (All Time) *
1 .country 99.95%
2 .stream 99.70%
3 .gdn 99.59%
4 .download 99.49%
5 .racing 99.29%
6 .xin 99.22%
7 .men 98.90%
8 .kim 98.79%
9 .science 98.72%
10 .bid 98.71%

* As of the end of June, 2017. Shady Percentage is a simple calculation: the ratio of "domains and subdomains ending in this TLD which are rated in our database with a 'shady' category, divided by the total number of database entries ending in this TLD". Shady categories include Suspicious, Spam, Scam, Phishing, Botnet, Malware, and Potentially Unwanted Software (PUS). Categories such as Porn, Piracy, and Placeholders (for example) are not counted as "shady" for this research; if they were, the percentages would be higher.

 

Movement-wise, there were only minor changes from the Q1 list (.loan, .mom, and .online dropping out -- but just barely -- and .men, .science, and .bid moving in).

Also of note, if you follow the TLD space, is that the total count of valid TLDs (according to ICANN's list) is at 1,547 as of today (Aug. 9th).

 

Caveats

As always, we caution against reading too much into the relative positions of TLDs on this list. Rankings are very fluid from quarter to quarter.

Also, we are not advocating setting up policy to block all domains on all of these TLDs. Any such recommendation would come only after more research into a TLD. In particular, .xin is rather popular in China, as is .kim in South Korea, and it would not be wise to automatically block such domains if you do any business there. Also, several TLDs have percentages based on lower numbers of domains than some of the other TLDs in the list.

In general, it's better to leave shady domain blocking up to the professionals...

 

A Closer Look at the ".Pro-file"

Pulling a recent week of worldwide WebPulse traffic to .pro sites showed the following category breakdown for the top 100 sites:

Category Count / Percentage
Suspicious 24
Scam 2
Malware 2
Porn 12
Piracy 5
Placeholder 3
WebAd 16
Other legit/normal Category 36

 

In other words, in recent traffic, only 28% of the Top 100 sites were "shady" by the strict methodology of counting only the security-related categories (in Red). If we add in the "arguably shady" categories (the ones in Yellow), then the shady percentage climbs to 48%.

That means that over half of the Top 100 sites are arguably normal/legitimate sites (although, interestingly, exactly *none* of them appeared to belong to "licensed professionals").

 

Conclusion: As with some of the other Shady TLDs we've profiled, we don't recommend a blanket block of all .pro traffic. It's a fairly popular TLD, especially in certain countries (like Russia), so you should leave decisions about which domains to block up to the ".pro-fessionals".

 

--C.L.

@bc_malware_guy

 

P.S. For easy reference, here are the links to the earlier posts in our "Shady TLD" series:

.country

.kim

.science

.gq

.work

.ninja

.xyz

.date

.faith

.zip

.racing

.cricket

.win

.space

.accountant (and .realtor)

.top

.stream

.christmas

.gdn

.mom

Statistics
0 Favorited
0 Views
0 Files
0 Shares
0 Downloads

Tags and Keywords

Related Entries and Links

No Related Resource entered.