Domain Name

A domain name is a string made up of labels separated by dots (.) that’s often mapped to an IP address or another record type by using the domain name system (DNS). One example is, which is the domain name of the company Google.

IP Address

IP addresses are unique identifiers made up of numbers and dots used on the internet to identify an endpoint. IP addresses can be in either IPv4 or IPv6 format. Different IP address ranges have been reserved for different uses such as public and private use. One example of an IP address is, which at the time of writing is an address used by the company Google for the domain


The DNS is an internet service that lets users and systems translate domain names to IP addresses or to get other data elements for a domain name. It’s a little bit like a phone book that can contain many pieces of information about a domain name. One example of how the DNS can help is to find the server IP addresses of a domain name so you can locate its website or where to deliver email for users of a domain.

Domain Discovery

This is the process of finding domain names using a number of sources and techniques.


A subdomain is a domain that’s a child of another domain. One example of a subdomain is, which is a subdomain of There can be many levels of subdomains. For example, is a subdomain of


We use the term namespace to refer to the entire tree/hierarchy of domains under a domain. As an example, the namespace for includes all subdomains under

Domain Name Lifecycle

We use the term domain name lifecycle to refer to the process of creating, managing/operating and decommissioning a domain name. This process may be conducted by registering a domain with a domain name registrar and then renewing it for a number of years before deleting the domain. Another example is when a developer inside your organisation configures and makes a new subdomain active, then uses it for whatever purpose he wants. They may or may not delete (decommission) it when it’s no longer needed.

Decommissioning of Domain Names

The term decommissioning of domain names refers to the process that’s implemented when a domain name is no longer needed. One example of decommissioning a domain name is when you no longer renew your domain name at your registrar and it’s deleted from the registry. Another example is when a subdomain is no longer needed and you add records to it to make it as safe as possible. The UK’s NCSC has some great guidance for how to protect your decommissioned domains.

Apex Domain

The term apex domain is often used for a domain that doesn’t contain a subdomain part. Examples of apex domains are and Apex domains are also sometimes known as base domains or naked domains.

Top Level Domain (TLD)

A TLD is a domain name that doesn’t contain any subdomains. Examples of TLDs are .com and .uk. There are four main types of TLD in operation on the public internet today:

  • Country Code TLDs (ccTLDs)
  • Generic TLDs (gTLDs)
  • Sponsored TLDs (sTLDs)
  • Non-ICANN regulated TLDs like .onion

Private networks sometimes operate their own TLDs in the form of .local or similar.

Second level domains that are operated as public registries are also sometimes referred to as TLDs, although they’re not strictly TLDs. Examples of these are and


A domain registry operates the system and services required to manage the delegation of domain names. This often includes managing the core nameservers for a domain and the systems required to keep registration information about the domain. Examples of domain name registries are Verisign for .com and .net and Neustar for .biz


A domain name registrar is often a reseller for a registry that manages the end-user relationship and provides tools for customers to manage their domain names. Examples of registrars are Godaddy, Network Solutions and Google.

Public Core

The term internet public core refers to the services that keep the core of the internet operational like packet routing and forwarding, naming and numbering systems. The DNS, IP and BGP are systems included in the public core.

Domain name hijacking

Domain hijacking is the process of changing the configuration or registration details of a domain name without its owner’s original registrant’s permission, often by abusing privileges at domain registrars or hosting providers’ hosting and registrar software systems. Domain name hijacking can happen at the apex domain level, where a compromised registrar account may allow someone to change the details of or even steal your domain. Domain name hijacking can also happen at the subdomain level, where nameservers or other details can be modified due to configuration mistakes or compromised DNS or other accounts. DNS hijacking can be extremely serious as someone could take over your domain and there may be no way for your users to know about it as certificates, email SPF, DMARC and DKIM records may be entirely valid. This may be a business-ending event for certain types of business.

DNS records or DNS resource records (RRs)

DNS records are the records stored against a domain name in the DNS. Examples of these are A records that contain IP addresses and MX records that contain domain names that point to mail exchangers or the “post office” for a domain name. You can find out more about DNS record types here.


The border gateway protocol is the main protocol used to exchange routing information on the internet. This service is often poorly understood and, like DNS, many catastrophic internet outages have been caused by misconfiguration or hijacks related to this service. One example of the serious issues which this system can introduce is the Facebook, WhatsApp and Instagram outage of 2021.


We use the term endpoint to refer to the host a domain name points to. Examples of endpoints a domain can point to include a web server serving a website, a VPN service, an FTP service and many, many more


A host is a computer or another type of device connected to a network.


A hostname is a label that’s attached to a device connected to a network. If a hostname has a DNS domain name appended, it’s sometimes referred to as a fully qualified domain name.

Fully Qualified Domain Name (FQDN)

A fully qualified domain name is a domain name that includes all the elements of the domain with no ambiguity. This includes the top-level domain and the root zone. A FQDN usually also includes the trailing dot to indicate the root zone of the Internet. Examples of FQDNs are and

Internet DNS root zone

The internet root zone is the DNS zone that contains the top level of the internet. This zone is operated and managed by ICANN/IANA and contains the details of TLDs such as .com and .uk. For further information, visit the Root Zone Database and the list of root servers and who operates them on the IANA website.