"Cybercriminals keep coming up with new dodges"

Fighting abuse to keep .nl safe

As .nl's operator, we work hard to stop internet abuse within the domain. That's why .nl is one of the most secure internet domains in the world. "Working to prevent abuse is part of our commitment to problem-free, opportunity-rich digital living for everyone," says SIDN's Process Specialist Chiel van Spaandonk. "Tackling internet abuse is very important and always will be, because cybercriminals keep coming up with new dodges. It's a sort of cat-and-mouse game, in which we're constantly responding to keep internet users safe." Chiel and Danielle Hermsen, SIDN's Support Manager, talk about our approach to security, our Transparency Report and the ban on privacy and proxy registration services within .nl that we introduced in 2023.

Actively tackling internet abuse

Danielle Hermsen, Support Manager at SIDN

Fighting abusive and criminal activities in the .nl zone is one of our core activities. We tackle malpractice in a variety of ways and in partnership with various other organisations. "Regulatory bodies and the police know they can turn to us whenever they come across anything involving the use of domain names for malicious practices," says Chiel. "We fight phishing and malware by reporting detected issues to the registrants, registrars and hosts of any .nl domain names that are involved, and asking them to take urgent action to end the abuse. That's really important, because a survey of SIDN Panel members found that 70 per cent of them were getting between 1 and 3 malicious e-mails a day. Sometimes, if the people we've reported the problem to don't take action, we have to disable the domain name and website ourselves. We also do that if the registration data can't be verified. Disabling a domain can have far-reaching consequences, so we don't do that lightly. We carry out a thorough investigation to make sure that there's malicious intent before we intervene."

Another way we address abuse is by working hand-in-hand with SIDN Labs to translate research into practice. The Labs team does various types of work, including research for us into domain name abuse. The findings have been used to develop RegCheck, a system we've been using since 2022 to vet all new .nl registrations. RegCheck assigns a risk score to each domain name when it's registered, enabling us to immediately identify malicious registrations and take prompt action. "Using input from our Support team, SIDN Labs is currently working with partners to extend the system," adds Danielle. "We collaborate with various outside organisations as well. For example, we often exchange abuse prevention know-how with DNS Belgium." We also follow the internet sector's Notice and Take Down Code. The NTD Code is a good practice framework setting out how internet industry players should deal with cases of child pornography, discrimination, identity fraud and so on that are reported to them. If a report involves a .nl website and the people before us in the chain have failed to act, we can intervene to disable the site. Of course, we only do that if the site clearly has criminal or unlawful content. We can't take a website off the internet altogether, but we can make sure it can't be reached using the domain name. We also promote the use of modern, open internet standards, both by working with the Platform for Internet Standards and using the Registrar Scorecard, our incentive programme for .nl registrars. Knowledge-sharing is another important part of our approach. We share abuse prevention know-how by organising SIDN TechTalks and webinars, through the SIDN Academy and by publishing practical guides.

Ban on privacy and proxy registration services

Last year, in the interest of effective abuse prevention, we put through an important change for .nl registrants and registrars. Since October 2023, it's been against the rules to register a .nl domain name with someone who isn't the domain's actual controller – e.g. a privacy and proxy registration service provider – named as the registrant. "In practice, people who are intending to use domain names for dishonest purposes often register them through privacy and proxy service providers," explains Chiel. "In order to tackle that kind of abuse, we ourselves and others such as the police need to know who a domain name's effective controller is. So it's vital that the registrant data recorded in our domain name register is correct. Disallowing privacy and proxy registration services is a positive step forward in that regard." Danielle adds, "We're also working with registrars to get existing registrations amended so that privacy and proxy registrations are eliminated from the .nl domain as far as possible. And we're making good progress. Most registrars are willing to cooperate, and are withdrawing privacy and proxy registration services when relevant domain names come up for renewal. Another thing we're doing is approaching people who register .nl domain names using privacy and proxy registration service providers. It's a lot of work for our Support Department, but it's worth it. By making sure domain names are registered with their true controller as the registrant, we can prevent abuse before the names are in active use." The conversion of all existing privacy and proxy registrations is expected to take up to 2 years.

Transparency Report

Chiel van Spaandonk, Process Owner and Abuse Specialist at SIDN

Fortunately, we don't often have to cancel a .nl domain name's registration. All the same, we believe it's important to be transparent about the occasions when we do intervene. We therefore publish quarterly Transparency Reports on our website, which anyone can read. "If you look at the 2023 report, you'll immediately see that we cancelled an unusually large number of .nl domain names in the fourth quarter of the year," says Danielle. "To be precise, we cancelled 8,824. That was because we identified 8,000 domain names registered to a single party who couldn't confirm their identity. It was clear that the names had been registered with malicious intent. So we ended the registrations of all 8,000 names to prevent harm to internet users." Chiel points out that "It can be difficult to discern a clear line in the Transparency Reports. Cybercriminals keep coming up with new ways of making easy money by abusing .nl domain names." Danielle: "So we have to keep reacting to whatever types of criminal activity we're observing. For example, you'll get a wave of fake webshops, as we saw a few years ago, and then a spate of some other kind of abuse. Fortunately, continuous process automation is making it easier to respond and enabling us to intervene sooner and more effectively. However, the intervention itself is never automated. We investigate each individual case very carefully. Every decision to intervene involves 2 people, and we only take down a domain name if there's no other choice."

"Although the vast majority of registrants are above board, it's unrealistic to think that the .nl zone can ever be completely crime-free," suggests Danielle. "We nevertheless believe in doing all we can to keep the level of abuse to the absolute minimum. We want to make .nl as unattractive to cybercriminals as we can, so that honest internet users feel safe and secure."

Want to know more about our approach to security? Visit https://www.sidn.nl/en/cybersecurity/our-security-approach and keep up to date with developments at https://www.sidn.nl/en/cybersecurity/news-and-blogs.