SecurityTrails Blog · Mar 27 · by Esteban Borges

Popular Domain Privacy Guard Email Address Schemes

Reading time: 3 minutes

Domain Privacy guard email services can be used to hide the real identity of the domain owner, along with the email address and other contact information. Here we take look into the different strategies for guarding your identity.

Guarding your email services can be pretty useful to prevent large domain exposures like we covered in these articles in the past: Exposing 3,450 Trump's Family domains, and Uncovering 5,707 Hilton Empire's Domain Names. In those cases we were able to explore their entire domain network with just their email address.

Domain Privacy guard email services are pretty common among Internet services today. These services are basically used to hide the real identity of the domain owner, as well as their email address and contact information.

WHOIS protection is to safeguard your privacy, which includes reducing identity theft, hiding your physical location, telephone number, email address, among other benefits, such as reducing the incoming marketing spam.

90% of the existing domain TLDs can be protected using guard email addresses provided by domain registrars. Only a few selected TLDs cannot use domain privacy services such as .CO.IN, .CO.NZ, .CO.UK, .IN, .JP, .US.

One of the most desired things, when you purchased a private domain registration, is the ability to hide your real email address. Instead, the domain registrar will show their own private email address.

Now, let's explore the most popular email schemes used by domain guard services.

Most common domain guard email address schemes

WHOIS privacy services always use a fake or dummy email address to protect your own. We started digging to see which were the most common domain guard email address schemes, and this was the result of some of the most popular whois guard service providers. email address scheme, for example, is [email protected]. Example:

[email protected]

They seem to hash the original user's mail address somehow, or hash internal client data, which results in an email address like [email protected], where "xxxxx" is a specific number for each customer. uses a different scheme, they use [email protected] as the private email used for contact information. Example: [email protected], a popular domain registration, and WHOIS privacy provider, seems to be using this email address scheme: [email protected]. Example for 34a20d94330a943d6689def6[email protected]

As you can see in the following screenshot:

Changing registrant email address

This random code changes every 14 days, so it will never be the same for future whois requests., another popular domain registrar, seems to be using [email protected], for example: [email protected]

The random code changes from time to time, same as with Moniker. will also show a dummy email address to protect your personal email. Their email protection scheme will use [email protected] for Contact, Admin and Tech email address. uses almost the same email scheme as, using [email protected]. For example [email protected]. will protect your information by hiding your name, address, phone, and email address. The email, in particular, is protected by their own privacy address: [email protected], example: [email protected], on the other hand, seem to be using a generic email address [email protected] for all technical and administrative details of any of their protected domains. is an old web hosting provider who also offer domain registration services. Their WHOIS privacy service offers [email protected] as a private email address for your whois domain information.

In a future showcase, we will show you how this information can be used in order to expose this "private whois" to associate domains with their real owners and bypass the whois protection.

In the meantime, go ahead and start playing with SecurityTrails, explore DNS servers, IPs, domains, as well as WHOIS information.

Esteban Borges Blog Author

Esteban is a seasoned cybersecurity specialist, and marketing manager with nearly 20 years of experience. Since joining SecurityTrails in 2017 he’s been our go-to for technical server security and source intelligence info.

Subscribe to the SecurityTrails newsletter
Sign up for our newsletter today!

Get the best cybersec research, news, tools,
and interviews with industry leaders