Domain Abuse: 2021
- Overview
- Definitions Matter
- Registrar Quarterly: 2021-01-01 to 2021-12-31 (All Domains)
- Registrar Quarterly: 2021-01-01 to 2021-12-31 (Active Domains)
- Domain Endings Quarterly: 2021-01-01 to 2021-31 (All Domains)
- Domain Endings Quarterly: 2021-01-01 to 2021-12-31 (Active Domains)
- .co.za ccTLD Quarterly: 2021-01-01 to 2021-12-31 (All Domains)
- .co.za ccTLD Quarterly: 2021-01-01 to 2021-12-31 (Active Domains)
- Note to registrars, registries and law enforcement
Overview
The below statistics shows the advance fee fraud related domain abuse per quarter for 2021 as recorded by Artists Against 419. This records abuse by registrar and ccTLD, exposing the registrars and registries that are problematic and where malicious domains find a foothold to target internet consumers.
The details are broken down by Registrar and TLD/ccTLDs/free sub-domains (previously called Domain Endings in our reports). We do a comparison of malicious domains. We list All Domains per entity vs Active Domains for 2020. It’s our contention that no consumer facing registrar can stop their services being abused. However they most certainly can, and should, mitigate malicious domains. As such the All vs Active comparison is indicative of a Registrar or Registry’s tolerance for fraud.
We include a cumulative malicious domain count column in the Active Domains, showing how many malicious domains were active in total at each Registrar / Registry by the end of 2021.
In a continuation from 2020, in 2021 the South African co.za ccTLD continued it’s pattern growing abuse to remain the second highest abused TLD/ccTLD, growing from 324 domains registered for the year, to 473. We break this anomaly down by registrar to highlight where this abuse came from.
Definitions Matter
The Artists Against 419 definition of a malicious domain is in line with the ICANN GAC and ICANN CCT definitions. We only list a domain name as malicious in incidents where the domain name was deliberately registered to defraud consumers.
ICANN GAC says the following in the ICANN 46 Beijing Communique:
the domain name registration is being used to facilitate or promote malware, operation of botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law.
https://gac.icann.org/advice/communiques/public/gac-46-beijing-communique.pdf
ICANN GAC also has this to say in a Sept 2019 statement on DNS Abuse:
Noting that ICANN community findings demonstrated that “consensus exists on what constitutes DNS Security Abuse, or DNS Security Abuse of DNS infrastructure,” the CCT Review Team referred to DNS Abuse as “intentionally deceptive, conniving, or unsolicited activities that actively make use of the DNS and/or the procedures used to register domain names.”
https://gac.icann.org/file-asset/public/gac-statement-dns-abuse-final-18sep19.pdf
Despite these clear plain language definitions, some registrars fail to honor these definitions, instead trying to define their own (rather self serving) abuse definitions. While the few mentioned abuse types are certainly valid, these limited definitions vs annual IC3 statistics show this disconnect. In turn this gaming leads to much consumer harm with such registrars facilitating cyber crime and money laundering through inaction, further overwhelming already constrained law enforcement resources.
Abuse by Registrar
Registrar Quarterly: 2021-01-01 to 2021-12-31 (All Domains)
| Registrar | Q1:Total | Q2:Total | Q3:Total | Q4:Total | Period:Total |
|---|---|---|---|---|---|
| NAMECHEAP, INC. | 419 | 693 | 522 | 428 | 2062 |
| NAMESILO, LLC | 255 | 242 | 356 | 91 | 944 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 243 | 272 | 170 | 167 | 852 |
| OWNREGISTRAR, INC. | 34 | 123 | 187 | 63 | 407 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 141 | 56 | 36 | 19 | 252 |
| REGISTRAR OF DOMAIN NAMES REG.RU | 39 | 124 | 59 | 5 | 227 |
| GODADDY.COM, LLC | 60 | 80 | 25 | 17 | 182 |
| 1API GMBH | 43 | 28 | 41 | 30 | 142 |
| NAME.COM, INC. | 70 | 21 | 16 | 18 | 125 |
| INTERNET DOMAIN SERVICE BS CORP | 31 | 66 | 5 | 15 | 117 |
| DOMAINS.CO.ZA | 33 | 24 | 35 | 19 | 111 |
| ENOM, INC. | 31 | 30 | 23 | 25 | 109 |
| HOSTKING.CO.ZA | 31 | 29 | 19 | 10 | 89 |
| DYNADOT, LLC | 32 | 33 | 7 | 13 | 85 |
| TLD REGISTRAR SOLUTIONS LTD. | 39 | 29 | 0 | 2 | 70 |
| INSTRA CORPORATION PTY LTD. | 1 | 1 | 5 | 58 | 65 |
| FREE SUBDOMAIN | 10 | 14 | 12 | 15 | 51 |
| HOSTINGER, UAB | 21 | 17 | 9 | 4 | 51 |
| ONLINENIC, INC. | 3 | 16 | 25 | 3 | 47 |
| WEB COMMERCE COMMUNICATIONS LIMITED DBA WEBNIC.CC | 14 | 15 | 11 | 2 | 42 |
| INSLYHOST.COM | 0 | 10 | 18 | 10 | 38 |
| UPPERLINK LIMITED | 8 | 7 | 8 | 8 | 31 |
| CHENGDU WEST DIMENSION DIGITAL TECHNOLOGY CO., LTD. | 0 | 0 | 0 | 30 | 30 |
| TUCOWS DOMAINS INC. | 9 | 10 | 6 | 5 | 30 |
| 1&1 INTERNET | 22 | 2 | 3 | 0 | 27 |
| PORKBUN, LLC | 5 | 6 | 2 | 14 | 27 |
| WILD WEST DOMAINS, LLC | 0 | 1 | 6 | 17 | 24 |
| GANDI SAS | 0 | 23 | 0 | 0 | 23 |
| SHINJIRU MSC SDN BHD | 4 | 7 | 7 | 2 | 20 |
| BIGROCK SOLUTIONS LTD | 2 | 13 | 1 | 1 | 17 |
| WIX.COM LTD. | 2 | 2 | 5 | 6 | 15 |
| HOSTAFRICA | 3 | 3 | 5 | 2 | 13 |
| AXXESS DSL | 3 | 4 | 4 | 1 | 12 |
| NETEARTH ONE INC. D/B/A NETEARTH | 4 | 4 | 4 | 0 | 12 |
| SAV.COM, LLC | 0 | 3 | 5 | 4 | 12 |
| REGISTER DOMAIN SA | 5 | 1 | 2 | 3 | 11 |
| VEHOST.CO.ZA | 2 | 1 | 2 | 6 | 11 |
| WEB4AFRICA INC. | 1 | 3 | 3 | 4 | 11 |
| CENTER OF UKRAINIAN INTERNET NAMES DBA UKRNAMES | 1 | 8 | 0 | 1 | 10 |
| GOOGLE LLC | 2 | 4 | 1 | 3 | 10 |
| LAUNCHPAD.COM, INC. | 2 | 3 | 4 | 1 | 10 |
| ATAK TEKNOLOJI | 0 | 8 | 0 | 1 | 9 |
| EPAG DOMAINSERVICES GMBH | 4 | 3 | 2 | 0 | 9 |
| FASTDOMAIN INC. | 3 | 1 | 3 | 2 | 9 |
| 101DOMAIN GRS LIMITED | 7 | 0 | 1 | 0 | 8 |
| ALIBABA CLOUD | 0 | 4 | 4 | 0 | 8 |
| NAMEWEB BVBA | 2 | 0 | 0 | 6 | 8 |
| DNSPOD, INC. | 0 | 1 | 0 | 6 | 7 |
| REGISTER.COM, INC. | 3 | 2 | 2 | 0 | 7 |
| WEBAFRICA NETWORKS | 1 | 4 | 2 | 0 | 7 |
| FREE DOMAIN | 1 | 4 | 0 | 1 | 6 |
| LIGNE WEB SERVICES SARL DBA LWS | 2 | 1 | 0 | 3 | 6 |
| NICENIC | 4 | 0 | 0 | 2 | 6 |
| REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER | 1 | 0 | 5 | 0 | 6 |
| AFRIHOST | 1 | 2 | 1 | 1 | 5 |
| CRAZY DOMAINS FZ-LLC | 1 | 1 | 3 | 0 | 5 |
| DREAMHOST, LLC | 0 | 0 | 2 | 3 | 5 |
| ERANET INTERNATIONAL LIMITED | 0 | 0 | 1 | 4 | 5 |
| MONIKER ONLINE SERVICES LLC | 0 | 0 | 2 | 3 | 5 |
| REGTIME LTD. | 0 | 0 | 0 | 5 | 5 |
| TRUEHOST CLOUD LIMITED | 0 | 0 | 0 | 5 | 5 |
| XNEELO (PTY) LTD | 0 | 2 | 2 | 1 | 5 |
| GRANSY S.R.O. D/B/A SUBREG.CZ | 0 | 0 | 4 | 0 | 4 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 4 | 0 | 0 | 0 | 4 |
| KEY-SYSTEMS GMBH | 3 | 0 | 1 | 0 | 4 |
| SA DOMAIN | 3 | 1 | 0 | 0 | 4 |
| 123-REG LIMITED T/A 123-REG | 0 | 1 | 0 | 2 | 3 |
| ENDURANCE DOMAINS TECHNOLOGY PVT. LTD | 0 | 2 | 1 | 0 | 3 |
| GMO | 0 | 0 | 0 | 3 | 3 |
| IN2NET NETWORK INC. | 0 | 1 | 0 | 2 | 3 |
| PSI-USA, INC. DBA DOMAIN ROBOT | 0 | 1 | 0 | 2 | 3 |
| REGISTER.IT SPA | 1 | 0 | 0 | 2 | 3 |
| SYNERGY WHOLESALE PTY LTD | 0 | 0 | 0 | 3 | 3 |
| WEBSPACEBAR | 0 | 2 | 1 | 0 | 3 |
| ARUBA SPA | 0 | 0 | 2 | 0 | 2 |
| DANESCO TRADING LTD. | 0 | 1 | 1 | 0 | 2 |
| FRIKKADEL | 1 | 0 | 1 | 0 | 2 |
| INTERNET INVEST, LTD. DBA IMENA.UA | 1 | 1 | 0 | 0 | 2 |
| LIQUIDNET LTD. | 0 | 1 | 0 | 1 | 2 |
| NETWORK SOLUTIONS, LLC | 0 | 1 | 1 | 0 | 2 |
| NOTFOUND | 1 | 1 | 0 | 0 | 2 |
| SA WEBHOSTS | 0 | 0 | 0 | 2 | 2 |
| ZA DOMAINS | 1 | 1 | 0 | 0 | 2 |
| AMPLEHOSTING | 1 | 0 | 0 | 0 | 1 |
| ARSYS INTERNET, S.L. DBA NICLINE.COM | 1 | 0 | 0 | 0 | 1 |
| CHENGDU WEST DIMENSION DIGITAL TECHNOLOGY CO., LTD. | 0 | 0 | 0 | 1 | 1 |
| CLOUD YUQU LLC | 0 | 0 | 0 | 1 | 1 |
| DENIC | 0 | 1 | 0 | 0 | 1 |
| DNSGULF.COM | 0 | 0 | 0 | 1 | 1 |
| DOMAIN.COM, LLC | 0 | 0 | 1 | 0 | 1 |
| DOMAINKING | 0 | 0 | 1 | 0 | 1 |
| GODADDY.COM, LLC | 0 | 1 | 0 | 0 | 1 |
| HELLO INTERNET CORP. | 0 | 0 | 1 | 0 | 1 |
| HOSTING UKRAINE LLC | 0 | 1 | 0 | 0 | 1 |
| HOSTPINNACLE KENYA LIMITED | 0 | 0 | 0 | 1 | 1 |
| NETIM SARL | 0 | 1 | 0 | 0 | 1 |
| OPENTLD B.V. | 0 | 1 | 0 | 0 | 1 |
| OVH SAS | 0 | 0 | 1 | 0 | 1 |
| PORKBUN, LLC | 0 | 1 | 0 | 0 | 1 |
| REALTIME REGISTER B.V. | 1 | 0 | 0 | 0 | 1 |
| REBEL LTD | 0 | 0 | 1 | 0 | 1 |
| STALLION HOSTING | 1 | 0 | 0 | 0 | 1 |
| URL SOLUTIONS, INC. | 0 | 1 | 0 | 0 | 1 |
| VAUTRON RECHENZENTRUM AG | 0 | 1 | 0 | 0 | 1 |
| WEB ADDRESS REGISTRATION | 0 | 0 | 1 | 0 | 1 |
Registrar Quarterly: 2021-01-01 to 2021-12-31 (Active Domains)
| Registrar | Q1:Active | Q2:Active | Q3:Active | Q4:Active | Period:Active | Cumulative Active |
|---|---|---|---|---|---|---|
| NAMECHEAP, INC. | 77 | 159 | 264 | 223 | 723 | 890 |
| OWNREGISTRAR, INC. | 0 | 79 | 147 | 59 | 285 | 285 |
| NAMESILO, LLC | 41 | 34 | 82 | 46 | 203 | 210 |
| REGISTRAR OF DOMAIN NAMES REG.RU | 32 | 73 | 37 | 5 | 147 | 180 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 10 | 12 | 14 | 109 | 145 | 149 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 49 | 33 | 34 | 18 | 134 | 153 |
| 1API GMBH | 34 | 18 | 31 | 30 | 113 | 135 |
| ENOM, INC. | 26 | 28 | 23 | 24 | 101 | 170 |
| INTERNET DOMAIN SERVICE BS CORP | 20 | 59 | 5 | 15 | 99 | 118 |
| GODADDY.COM, LLC | 32 | 27 | 15 | 16 | 90 | 198 |
| DOMAINS.CO.ZA | 20 | 15 | 33 | 18 | 86 | 91 |
| HOSTKING.CO.ZA | 20 | 24 | 18 | 9 | 71 | 87 |
| INSTRA CORPORATION PTY LTD. | 0 | 1 | 5 | 58 | 64 | 67 |
| DYNADOT, LLC | 18 | 27 | 5 | 12 | 62 | 66 |
| NAME.COM, INC. | 21 | 8 | 14 | 9 | 52 | 66 |
| TLD REGISTRAR SOLUTIONS LTD. | 19 | 25 | 0 | 2 | 46 | 46 |
| FREE SUBDOMAIN | 4 | 9 | 10 | 15 | 38 | 166 |
| INSLYHOST.COM | 0 | 10 | 18 | 10 | 38 | 38 |
| ONLINENIC, INC. | 1 | 14 | 19 | 2 | 36 | 40 |
| WEB COMMERCE COMMUNICATIONS LIMITED DBA WEBNIC.CC | 11 | 13 | 10 | 2 | 36 | 52 |
| HOSTINGER, UAB | 5 | 15 | 6 | 4 | 30 | 86 |
| UPPERLINK LIMITED | 4 | 7 | 8 | 8 | 27 | 40 |
| TUCOWS DOMAINS INC. | 5 | 8 | 6 | 5 | 24 | 64 |
| WILD WEST DOMAINS, LLC | 0 | 1 | 6 | 17 | 24 | 30 |
| PORKBUN, LLC | 3 | 3 | 2 | 14 | 22 | 28 |
| GANDI SAS | 0 | 18 | 0 | 0 | 18 | 19 |
| SHINJIRU MSC SDN BHD | 2 | 7 | 6 | 2 | 17 | 40 |
| WIX.COM LTD. | 2 | 1 | 5 | 6 | 14 | 18 |
| CHENGDU WEST DIMENSION DIGITAL TECHNOLOGY CO., LTD. | 0 | 0 | 0 | 12 | 12 | 13 |
| SAV.COM, LLC | 0 | 3 | 5 | 4 | 12 | 12 |
| HOSTAFRICA | 3 | 1 | 5 | 2 | 11 | 13 |
| BIGROCK SOLUTIONS LTD | 0 | 7 | 1 | 1 | 9 | 11 |
| EPAG DOMAINSERVICES GMBH | 4 | 3 | 2 | 0 | 9 | 23 |
| VEHOST.CO.ZA | 0 | 1 | 2 | 6 | 9 | 9 |
| CENTER OF UKRAINIAN INTERNET NAMES DBA UKRNAMES | 1 | 6 | 0 | 1 | 8 | 10 |
| NAMEWEB BVBA | 2 | 0 | 0 | 6 | 8 | 8 |
| ALIBABA CLOUD | 0 | 4 | 3 | 0 | 7 | 13 |
| GOOGLE LLC | 2 | 2 | 1 | 2 | 7 | 15 |
| LAUNCHPAD.COM, INC. | 2 | 1 | 3 | 1 | 7 | 15 |
| 1&1 INTERNET | 3 | 1 | 2 | 0 | 6 | 25 |
| FASTDOMAIN INC. | 2 | 0 | 3 | 1 | 6 | 27 |
| NETEARTH ONE INC. D/B/A NETEARTH | 1 | 2 | 3 | 0 | 6 | 20 |
| NICENIC | 4 | 0 | 0 | 2 | 6 | 12 |
| REGIONAL NETWORK INFORMATION CENTER, JSC DBA RU-CENTER | 1 | 0 | 5 | 0 | 6 | 6 |
| REGISTER DOMAIN SA | 0 | 1 | 2 | 3 | 6 | 8 |
| WEBAFRICA NETWORKS | 1 | 3 | 2 | 0 | 6 | 10 |
| ATAK TEKNOLOJI | 0 | 4 | 0 | 1 | 5 | 5 |
| DNSPOD, INC. | 0 | 1 | 0 | 4 | 5 | 5 |
| DREAMHOST, LLC | 0 | 0 | 2 | 3 | 5 | 7 |
| ERANET INTERNATIONAL LIMITED | 0 | 0 | 1 | 4 | 5 | 6 |
| MONIKER ONLINE SERVICES LLC | 0 | 0 | 2 | 3 | 5 | 10 |
| REGISTER.COM, INC. | 2 | 2 | 1 | 0 | 5 | 11 |
| REGTIME LTD. | 0 | 0 | 0 | 5 | 5 | 5 |
| TRUEHOST CLOUD LIMITED | 0 | 0 | 0 | 5 | 5 | 5 |
| XNEELO (PTY) LTD | 0 | 2 | 2 | 1 | 5 | 5 |
| AXXESS DSL | 1 | 0 | 2 | 1 | 4 | 5 |
| CRAZY DOMAINS FZ-LLC | 0 | 1 | 3 | 0 | 4 | 7 |
| FREE DOMAIN | 1 | 2 | 0 | 1 | 4 | 6 |
| LIGNE WEB SERVICES SARL DBA LWS | 0 | 1 | 0 | 3 | 4 | 24 |
| WEB4AFRICA INC. | 0 | 0 | 1 | 3 | 4 | 7 |
| 123-REG LIMITED T/A 123-REG | 0 | 1 | 0 | 2 | 3 | 3 |
| AFRIHOST | 0 | 1 | 1 | 1 | 3 | 4 |
| ENDURANCE DOMAINS TECHNOLOGY PVT. LTD | 0 | 2 | 1 | 0 | 3 | 3 |
| GMO | 0 | 0 | 0 | 3 | 3 | 3 |
| GRANSY S.R.O. D/B/A SUBREG.CZ | 0 | 0 | 3 | 0 | 3 | 8 |
| IN2NET NETWORK INC. | 0 | 1 | 0 | 2 | 3 | 3 |
| KEY-SYSTEMS GMBH | 2 | 0 | 1 | 0 | 3 | 3 |
| SYNERGY WHOLESALE PTY LTD | 0 | 0 | 0 | 3 | 3 | 3 |
| ARUBA SPA | 0 | 0 | 2 | 0 | 2 | 2 |
| LIQUIDNET LTD. | 0 | 1 | 0 | 1 | 2 | 2 |
| NETWORK SOLUTIONS, LLC | 0 | 1 | 1 | 0 | 2 | 12 |
| NOTFOUND | 1 | 1 | 0 | 0 | 2 | 3 |
| PSI-USA, INC. DBA DOMAIN ROBOT | 0 | 0 | 0 | 2 | 2 | 3 |
| REGISTER.IT SPA | 0 | 0 | 0 | 2 | 2 | 2 |
| SA WEBHOSTS | 0 | 0 | 0 | 2 | 2 | 3 |
| WEBSPACEBAR | 0 | 2 | 0 | 0 | 2 | 3 |
| ZA DOMAINS | 1 | 1 | 0 | 0 | 2 | 2 |
| 101DOMAIN GRS LIMITED | 0 | 0 | 1 | 0 | 1 | 3 |
| ARSYS INTERNET, S.L. DBA NICLINE.COM | 1 | 0 | 0 | 0 | 1 | 1 |
| CHENGDU WEST DIMENSION DIGITAL TECHNOLOGY CO., LTD. | 0 | 0 | 0 | 1 | 1 | 13 |
| CLOUD YUQU LLC | 0 | 0 | 0 | 1 | 1 | 1 |
| DANESCO TRADING LTD. | 0 | 0 | 1 | 0 | 1 | 3 |
| DENIC | 0 | 1 | 0 | 0 | 1 | 3 |
| DNSGULF.COM | 0 | 0 | 0 | 1 | 1 | 1 |
| DOMAIN.COM, LLC | 0 | 0 | 1 | 0 | 1 | 4 |
| DOMAINKING | 0 | 0 | 1 | 0 | 1 | 1 |
| GODADDY.COM, LLC | 0 | 1 | 0 | 0 | 1 | 198 |
| HELLO INTERNET CORP. | 0 | 0 | 1 | 0 | 1 | 1 |
| HOSTING UKRAINE LLC | 0 | 1 | 0 | 0 | 1 | 1 |
| HOSTPINNACLE KENYA LIMITED | 0 | 0 | 0 | 1 | 1 | 1 |
| NETIM SARL | 0 | 1 | 0 | 0 | 1 | 3 |
| OPENTLD B.V. | 0 | 1 | 0 | 0 | 1 | 1 |
| PORKBUN, LLC | 0 | 1 | 0 | 0 | 1 | 28 |
| SA DOMAIN | 0 | 1 | 0 | 0 | 1 | 1 |
| URL SOLUTIONS, INC. | 0 | 1 | 0 | 0 | 1 | 2 |
| VAUTRON RECHENZENTRUM AG | 0 | 1 | 0 | 0 | 1 | 1 |
| WEB ADDRESS REGISTRATION | 0 | 0 | 1 | 0 | 1 | 1 |
| AMPLEHOSTING | 0 | 0 | 0 | 0 | 0 | 3 |
| FRIKKADEL | 0 | 0 | 0 | 0 | 0 | 0 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 0 | 0 | 0 | 0 | 0 | 153 |
| INTERNET INVEST, LTD. DBA IMENA.UA | 0 | 0 | 0 | 0 | 0 | 0 |
| OVH SAS | 0 | 0 | 0 | 0 | 0 | 4 |
| REALTIME REGISTER B.V. | 0 | 0 | 0 | 0 | 0 | 0 |
| REBEL LTD | 0 | 0 | 0 | 0 | 0 | 0 |
| STALLION HOSTING | 0 | 0 | 0 | 0 | 0 | 0 |
Abuse by TLD, ccTLD and Free Sub-Domain
Domains by TLD: Quarterly 2021-01-01 to 2021-12-31 (All Domains)
| Domain End | Q1:Total | Q2:Total | Q3:Total | Q4:Total | Period:Total |
|---|---|---|---|---|---|
| com | 1350 | 1662 | 1315 | 890 | 5217 |
| co.za | 134 | 115 | 136 | 88 | 473 |
| online | 37 | 35 | 33 | 76 | 181 |
| us | 42 | 46 | 49 | 5 | 142 |
| org | 20 | 44 | 33 | 26 | 123 |
| net | 19 | 49 | 32 | 20 | 120 |
| site | 3 | 8 | 7 | 19 | 37 |
| co.uk | 9 | 10 | 9 | 2 | 30 |
| xyz | 2 | 10 | 6 | 6 | 24 |
| co | 4 | 7 | 8 | 3 | 22 |
| info | 2 | 3 | 8 | 5 | 18 |
| world | 3 | 8 | 5 | 0 | 16 |
| club | 3 | 9 | 2 | 0 | 14 |
| uk | 11 | 2 | 0 | 0 | 13 |
| eu | 3 | 3 | 4 | 2 | 12 |
| biz | 1 | 6 | 2 | 1 | 10 |
| business.site | 2 | 2 | 2 | 3 | 9 |
| live | 1 | 4 | 2 | 2 | 9 |
| ca | 4 | 0 | 2 | 2 | 8 |
| shop | 0 | 1 | 2 | 4 | 7 |
| com.au | 1 | 2 | 3 | 0 | 6 |
| me | 0 | 4 | 2 | 0 | 6 |
| rest | 0 | 5 | 1 | 0 | 6 |
| blogspot.com | 3 | 1 | 1 | 0 | 5 |
| icu | 1 | 2 | 1 | 1 | 5 |
| ltd | 1 | 3 | 1 | 0 | 5 |
| space | 0 | 3 | 2 | 0 | 5 |
| website | 1 | 3 | 1 | 0 | 5 |
| wixsite.com | 0 | 1 | 1 | 3 | 5 |
| de | 3 | 1 | 0 | 0 | 4 |
| fit | 0 | 0 | 0 | 4 | 4 |
| weebly.com | 0 | 1 | 1 | 2 | 4 |
| zohosites.com | 0 | 2 | 2 | 0 | 4 |
| dx.am | 0 | 3 | 0 | 0 | 3 |
| es | 2 | 1 | 0 | 0 | 3 |
| in | 0 | 1 | 1 | 1 | 3 |
| nl | 0 | 0 | 3 | 0 | 3 |
| pw | 0 | 1 | 2 | 0 | 3 |
| store | 0 | 1 | 0 | 2 | 3 |
| tk | 0 | 3 | 0 | 0 | 3 |
| 000webhostapp.com | 1 | 0 | 0 | 1 | 2 |
| cash | 0 | 2 | 0 | 0 | 2 |
| dog | 1 | 0 | 0 | 1 | 2 |
| exchange | 0 | 2 | 0 | 0 | 2 |
| legal | 0 | 0 | 2 | 0 | 2 |
| ml | 1 | 1 | 0 | 0 | 2 |
| ru.com | 0 | 0 | 2 | 0 | 2 |
| services | 0 | 0 | 1 | 1 | 2 |
| simplesite.com | 1 | 0 | 0 | 1 | 2 |
| tech | 0 | 0 | 0 | 2 | 2 |
| webnode.com | 0 | 1 | 1 | 0 | 2 |
| wordpress.com | 0 | 0 | 0 | 2 | 2 |
| work | 0 | 0 | 0 | 2 | 2 |
| yolasite.com | 0 | 0 | 1 | 1 | 2 |
| 3-a.net | 0 | 0 | 0 | 1 | 1 |
| agency | 0 | 1 | 0 | 0 | 1 |
| autos | 0 | 0 | 0 | 1 | 1 |
| be | 0 | 1 | 0 | 0 | 1 |
| bid | 1 | 0 | 0 | 0 | 1 |
| buzz | 0 | 1 | 0 | 0 | 1 |
| c1.biz | 0 | 0 | 1 | 0 | 1 |
| cc | 0 | 0 | 1 | 0 | 1 |
| center | 0 | 0 | 0 | 1 | 1 |
| cf | 0 | 0 | 0 | 1 | 1 |
| checkout.webselfsite.net | 0 | 0 | 1 | 0 | 1 |
| cloud | 0 | 0 | 0 | 1 | 1 |
| co.in | 0 | 1 | 0 | 0 | 1 |
| co.ke | 0 | 0 | 0 | 1 | 1 |
| co.ua | 0 | 0 | 1 | 0 | 1 |
| com.ng | 0 | 0 | 1 | 0 | 1 |
| com.ua | 0 | 1 | 0 | 0 | 1 |
| delivery | 0 | 1 | 0 | 0 | 1 |
| digital | 0 | 1 | 0 | 0 | 1 |
| 1 | 0 | 0 | 0 | 1 | |
| etempurl.com | 0 | 1 | 0 | 0 | 1 |
| express | 1 | 0 | 0 | 0 | 1 |
| ga | 0 | 1 | 0 | 0 | 1 |
| in.net | 0 | 1 | 0 | 0 | 1 |
| international | 1 | 0 | 0 | 0 | 1 |
| irish | 0 | 0 | 1 | 0 | 1 |
| jimdofree.com | 0 | 1 | 0 | 0 | 1 |
| mozello.de | 0 | 1 | 0 | 0 | 1 |
| one | 0 | 0 | 1 | 0 | 1 |
| otzo.com | 1 | 0 | 0 | 0 | 1 |
| pet | 0 | 1 | 0 | 0 | 1 |
| pl | 1 | 0 | 0 | 0 | 1 |
| sale | 0 | 1 | 0 | 0 | 1 |
| se | 0 | 0 | 1 | 0 | 1 |
| systems | 0 | 0 | 1 | 0 | 1 |
| top | 0 | 1 | 0 | 0 | 1 |
| usa.cc | 1 | 0 | 0 | 0 | 1 |
| webself.net | 0 | 0 | 1 | 0 | 1 |
| website2.me | 0 | 0 | 0 | 1 | 1 |
| webstarts.com | 1 | 0 | 0 | 0 | 1 |
| wiki | 0 | 0 | 1 | 0 | 1 |
| win | 0 | 0 | 0 | 1 | 1 |
Domains by TLD: Quarterly 2021-01-01 to 2021-12-31 (Active Domains)
| Domain End | Q1:Active | Q2:Active | Q3:Active | Q4:Active | Period:Active | Cumulative Active |
|---|---|---|---|---|---|---|
| com | 379 | 608 | 677 | 668 | 2332 | 3057 |
| co.za | 80 | 83 | 119 | 87 | 369 | 439 |
| net | 4 | 24 | 15 | 14 | 57 | 93 |
| us | 5 | 21 | 10 | 3 | 39 | 47 |
| org | 4 | 8 | 12 | 14 | 38 | 68 |
| online | 4 | 7 | 4 | 8 | 23 | 27 |
| co.uk | 0 | 5 | 6 | 2 | 13 | 22 |
| co | 2 | 4 | 3 | 1 | 10 | 13 |
| eu | 1 | 2 | 4 | 2 | 9 | 14 |
| info | 1 | 2 | 3 | 3 | 9 | 13 |
| business.site | 1 | 1 | 2 | 3 | 7 | 13 |
| club | 0 | 7 | 0 | 0 | 7 | 7 |
| live | 0 | 3 | 2 | 1 | 6 | 6 |
| shop | 0 | 0 | 2 | 4 | 6 | 6 |
| ca | 2 | 0 | 2 | 1 | 5 | 7 |
| wixsite.com | 0 | 1 | 1 | 3 | 5 | 25 |
| xyz | 0 | 0 | 3 | 2 | 5 | 5 |
| biz | 0 | 2 | 1 | 1 | 4 | 8 |
| blogspot.com | 2 | 1 | 1 | 0 | 4 | 20 |
| fit | 0 | 0 | 0 | 4 | 4 | 4 |
| weebly.com | 0 | 1 | 1 | 2 | 4 | 7 |
| es | 2 | 1 | 0 | 0 | 3 | 4 |
| zohosites.com | 0 | 2 | 1 | 0 | 3 | 6 |
| com.au | 0 | 0 | 2 | 0 | 2 | 2 |
| in | 0 | 1 | 1 | 0 | 2 | 2 |
| legal | 0 | 0 | 2 | 0 | 2 | 2 |
| ml | 1 | 1 | 0 | 0 | 2 | 3 |
| simplesite.com | 1 | 0 | 0 | 1 | 2 | 2 |
| site | 0 | 0 | 2 | 0 | 2 | 4 |
| webnode.com | 0 | 1 | 1 | 0 | 2 | 5 |
| wordpress.com | 0 | 0 | 0 | 2 | 2 | 18 |
| yolasite.com | 0 | 0 | 1 | 1 | 2 | 10 |
| 000webhostapp.com | 0 | 0 | 0 | 1 | 1 | 1 |
| 3-a.net | 0 | 0 | 0 | 1 | 1 | 1 |
| autos | 0 | 0 | 0 | 1 | 1 | 1 |
| be | 0 | 1 | 0 | 0 | 1 | 1 |
| center | 0 | 0 | 0 | 1 | 1 | 1 |
| cf | 0 | 0 | 0 | 1 | 1 | 2 |
| checkout.webselfsite.net | 0 | 0 | 1 | 0 | 1 | 1 |
| co.in | 0 | 1 | 0 | 0 | 1 | 2 |
| co.ke | 0 | 0 | 0 | 1 | 1 | 1 |
| co.ua | 0 | 0 | 1 | 0 | 1 | 2 |
| com.ng | 0 | 0 | 1 | 0 | 1 | 2 |
| de | 0 | 1 | 0 | 0 | 1 | 5 |
| delivery | 0 | 1 | 0 | 0 | 1 | 1 |
| digital | 0 | 1 | 0 | 0 | 1 | 1 |
| dx.am | 0 | 1 | 0 | 0 | 1 | 3 |
| ga | 0 | 1 | 0 | 0 | 1 | 1 |
| icu | 0 | 0 | 1 | 0 | 1 | 1 |
| irish | 0 | 0 | 1 | 0 | 1 | 1 |
| jimdofree.com | 0 | 1 | 0 | 0 | 1 | 1 |
| ltd | 0 | 1 | 0 | 0 | 1 | 1 |
| me | 0 | 0 | 1 | 0 | 1 | 8 |
| nl | 0 | 0 | 1 | 0 | 1 | 3 |
| pl | 1 | 0 | 0 | 0 | 1 | 3 |
| pw | 0 | 0 | 1 | 0 | 1 | 1 |
| ru.com | 0 | 0 | 1 | 0 | 1 | 1 |
| services | 0 | 0 | 1 | 0 | 1 | 1 |
| systems | 0 | 0 | 1 | 0 | 1 | 1 |
| tk | 0 | 1 | 0 | 0 | 1 | 1 |
| uk | 1 | 0 | 0 | 0 | 1 | 1 |
| webself.net | 0 | 0 | 1 | 0 | 1 | 6 |
| website | 0 | 0 | 1 | 0 | 1 | 1 |
| website2.me | 0 | 0 | 0 | 1 | 1 | 1 |
| work | 0 | 0 | 0 | 1 | 1 | 1 |
| agency | 0 | 0 | 0 | 0 | 0 | 1 |
| bid | 0 | 0 | 0 | 0 | 0 | 0 |
| buzz | 0 | 0 | 0 | 0 | 0 | 0 |
| c1.biz | 0 | 0 | 0 | 0 | 0 | 0 |
| cash | 0 | 0 | 0 | 0 | 0 | 0 |
| cc | 0 | 0 | 0 | 0 | 0 | 0 |
| cloud | 0 | 0 | 0 | 0 | 0 | 0 |
| com.ua | 0 | 0 | 0 | 0 | 0 | 1 |
| dog | 0 | 0 | 0 | 0 | 0 | 0 |
| 0 | 0 | 0 | 0 | 0 | 0 | |
| etempurl.com | 0 | 0 | 0 | 0 | 0 | 0 |
| exchange | 0 | 0 | 0 | 0 | 0 | 0 |
| express | 0 | 0 | 0 | 0 | 0 | 0 |
| in.net | 0 | 0 | 0 | 0 | 0 | 0 |
| international | 0 | 0 | 0 | 0 | 0 | 0 |
| mozello.de | 0 | 0 | 0 | 0 | 0 | 0 |
| one | 0 | 0 | 0 | 0 | 0 | 0 |
| otzo.com | 0 | 0 | 0 | 0 | 0 | 0 |
| pet | 0 | 0 | 0 | 0 | 0 | 0 |
| rest | 0 | 0 | 0 | 0 | 0 | 0 |
| sale | 0 | 0 | 0 | 0 | 0 | 0 |
| se | 0 | 0 | 0 | 0 | 0 | 4 |
| space | 0 | 0 | 0 | 0 | 0 | 0 |
| store | 0 | 0 | 0 | 0 | 0 | 0 |
| tech | 0 | 0 | 0 | 0 | 0 | 0 |
| top | 0 | 0 | 0 | 0 | 0 | 0 |
| usa.cc | 0 | 0 | 0 | 0 | 0 | 0 |
| webstarts.com | 0 | 0 | 0 | 0 | 0 | 0 |
| wiki | 0 | 0 | 0 | 0 | 0 | 0 |
| win | 0 | 0 | 0 | 0 | 0 | 0 |
| world | 0 | 0 | 0 | 0 | 0 | 0 |
com: Excludes blogspot.com 000webhostapp.com webstarts.com otzo.com simplesite.com zohosites.com etempurl.com webnode.com jimdofree.com wixsite.com weebly.com ru.com yolasite.com wordpress.com
net: Excludes in.net checkout.webselfsite.net webself.net 3-a.net
biz: Excludes c1.biz
uk: Excludes co.uk
site: Excludes business.site
ca: Excludes vps.ovh.ca
my: Excludes com.my
de: Excludes mozello.de
in: Excludes co.in
cc: Excludes usa.cc
The co.za ccTLD Abuse
In 2020, the .co.za was the most the second most abused TLD/ccTLD after .com. These statistics show where the abuse occurred.
.co.za ccTLD Quarterly: 2021-01-01 to 2021-12-31 (All Domains)
| Registrar | Q1:Total | Q2:Total | Q3:Total | Q4:Total | Period:Total |
|---|---|---|---|---|---|
| 1API GMBH | 41 | 27 | 38 | 29 | 135 |
| DOMAINS.CO.ZA | 29 | 24 | 35 | 14 | 102 |
| HOSTKING.CO.ZA | 31 | 29 | 19 | 10 | 89 |
| INSLYHOST.COM | 0 | 10 | 18 | 10 | 38 |
| HOSTAFRICA | 3 | 3 | 5 | 2 | 13 |
| AXXESS DSL | 3 | 4 | 4 | 1 | 12 |
| REGISTER DOMAIN SA | 5 | 1 | 2 | 3 | 11 |
| VEHOST.CO.ZA | 2 | 1 | 2 | 6 | 11 |
| EPAG DOMAINSERVICES GMBH | 4 | 3 | 2 | 0 | 9 |
| INSTRA CORPORATION PTY LTD. | 1 | 0 | 2 | 4 | 7 |
| WEBAFRICA NETWORKS | 1 | 4 | 2 | 0 | 7 |
| 101DOMAIN GRS LIMITED | 6 | 0 | 0 | 0 | 6 |
| AFRIHOST | 1 | 2 | 1 | 1 | 5 |
| TRUEHOST CLOUD LIMITED | 0 | 0 | 0 | 5 | 5 |
| XNEELO (PTY) LTD | 0 | 2 | 2 | 1 | 5 |
| SA DOMAIN | 3 | 1 | 0 | 0 | 4 |
| WEBSPACEBAR | 0 | 2 | 1 | 0 | 3 |
| FRIKKADEL | 1 | 0 | 1 | 0 | 2 |
| SA WEBHOSTS | 0 | 0 | 0 | 2 | 2 |
| ZA DOMAINS | 1 | 1 | 0 | 0 | 2 |
| 1&1 INTERNET | 0 | 0 | 1 | 0 | 1 |
| AMPLEHOSTING | 1 | 0 | 0 | 0 | 1 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 0 | 1 | 0 | 0 | 1 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 0 | 0 | 1 | 0 | 1 |
| STALLION HOSTING | 1 | 0 | 0 | 0 | 1 |
.co.za ccTLD Quarterly: 2020-01-01 to 2020-12-31 (Active Domains)
| Registrar | Q1:Active | Q2:Active | Q3:Active | Q4:Active | Period:Active | Cumulative Active |
|---|---|---|---|---|---|---|
| 1API GMBH | 32 | 17 | 28 | 29 | 106 | 122 |
| DOMAINS.CO.ZA | 18 | 15 | 33 | 14 | 80 | 85 |
| HOSTKING.CO.ZA | 20 | 24 | 18 | 9 | 71 | 87 |
| INSLYHOST.COM | 0 | 10 | 18 | 10 | 38 | 38 |
| HOSTAFRICA | 3 | 1 | 5 | 2 | 11 | 13 |
| EPAG DOMAINSERVICES GMBH | 4 | 3 | 2 | 0 | 9 | 22 |
| VEHOST.CO.ZA | 0 | 1 | 2 | 6 | 9 | 9 |
| INSTRA CORPORATION PTY LTD. | 0 | 0 | 2 | 4 | 6 | 7 |
| REGISTER DOMAIN SA | 0 | 1 | 2 | 3 | 6 | 8 |
| WEBAFRICA NETWORKS | 1 | 3 | 2 | 0 | 6 | 10 |
| TRUEHOST CLOUD LIMITED | 0 | 0 | 0 | 5 | 5 | 5 |
| XNEELO (PTY) LTD | 0 | 2 | 2 | 1 | 5 | 5 |
| AXXESS DSL | 1 | 0 | 2 | 1 | 4 | 5 |
| AFRIHOST | 0 | 1 | 1 | 1 | 3 | 4 |
| SA WEBHOSTS | 0 | 0 | 0 | 2 | 2 | 3 |
| WEBSPACEBAR | 0 | 2 | 0 | 0 | 2 | 3 |
| ZA DOMAINS | 1 | 1 | 0 | 0 | 2 | 2 |
| 1&1 INTERNET | 0 | 0 | 1 | 0 | 1 | 1 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 0 | 1 | 0 | 0 | 1 | 4 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 0 | 0 | 1 | 0 | 1 | 1 |
| SA DOMAIN | 0 | 1 | 0 | 0 | 1 | 1 |
| 101DOMAIN GRS LIMITED | 0 | 0 | 0 | 0 | 0 | 1 |
| AMPLEHOSTING | 0 | 0 | 0 | 0 | 0 | 3 |
| FRIKKADEL | 0 | 0 | 0 | 0 | 0 | 0 |
| STALLION HOSTING | 0 | 0 | 0 | 0 | 0 | 0 |
Note to registrars, registries and law enforcement
Artists Against 419 does not just say it, we can also prove it. We record numerous attributes for each entry in our database. While some of these are publicly visible at https://db.aa419.org, we record additional evidence of maliciousness. These includes website snapshots with embedded EXIF data, source code of interesting pages, email headers and/or linking data.
We appreciate outreach from any registrar and registry alike where they are keen to understand the nature of this maliciousness and wish to mitigate. You are the parties either abused or used as an entry point for this fraud on the web. The choice is yours to be part of the solution or the problem. Remember, these domains are purchased with the proceeds of fraud to facilitate further fraud.
We may mitigate till the cows come home to protect consumers, but you are the parties that ultimately stop this illegal abuse.
We do not charge any fees for such cooperation.