Domain Abuse: 2022
- Overview
- Definitions Matter
- Registrar Quarterly: 2022-01-01 to 2022-12-31 (All Domains)
- Registrar Quarterly: 2022-01-01 to 2022-12-31 (Active Domains)
- Domain Endings Quarterly: 2022-01-01 to 2022-31 (All Domains)
- Domain Endings Quarterly: 2022-01-01 to 2022-12-31 (Active Domains)
- .co.za ccTLD Quarterly: 2022-01-01 to 2022-12-31 (All Domains)
- .co.za ccTLD Quarterly: 2022-01-01 to 2022-12-31 (Active Domains)
- Note to registrars, registries and law enforcement
Overview
The below statistics shows the advance fee fraud related domain abuse per quarter for 2022 as recorded by Artists Against 419. This records abuse per registrar and ccTLD, exposing the registrars and registries that are problematic and where malicious domains find a foothold to target internet consumers. The details are broken down by Registrar and TLD/ccTLDs/free sub-domains. We do a comparison of malicious domains. We list All Domains per entity vs Active Domains for 2022. It’s our contention that no consumer facing registrar can stop their services being abused. However they most certainly can, and should, mitigate malicious domains. As such the All vs Active comparison is indicative of a Registrar or Registry’s tolerance for fraud. We include a cumulative malicious domain count column in the Active Domains, showing how many malicious domains were active in total at each Registrar / Registry by the end of 2022.
In a continuation from previous years, the South African co.za ccTLD continued it’s pattern growing abuse to remain the second highest abused TLD/ccTLD, growing from 32 recorded malicious domains in 2017 to 555 in 2022. We break this anomaly down by registrar to highlight where this abuse came from.
Definitions Matter
The Artists Against 419 definition of a malicious domain is in line with the ICANN GAC and ICANN CCT definitions. We only list a domain name as malicious in incidents where the domain name was deliberately registered to defraud consumers.
ICANN GAC says the following in the ICANN 46 Beijing Communique:
the domain name registration is being used to facilitate or promote malware, operation of botnets, phishing, piracy, trademark or copyright infringement, fraudulent or deceptive practices, counterfeiting or otherwise engaging in activity contrary to applicable law.
https://gac.icann.org/advice/communiques/public/gac-46-beijing-communique.pdf
ICANN GAC also has this to say in a Sept 2019 statement on DNS Abuse:
Noting that ICANN community findings demonstrated that “consensus exists on what constitutes DNS Security Abuse, or DNS Security Abuse of DNS infrastructure,” the CCT Review Team referred to DNS Abuse as “intentionally deceptive, conniving, or unsolicited activities that actively make use of the DNS and/or the procedures used to register domain names.”
https://gac.icann.org/file-asset/public/gac-statement-dns-abuse-final-18sep19.pdf
Despite these clear plain language definitions, some registrars fail to honor these definitions, instead trying to define their own (rather self serving) abuse definitions. While the few mentioned abuse types are certainly valid, these limited definitions vs annual IC3 statistics show this disconnect. In turn this gaming leads to much consumer harm with such registrars facilitating cyber crime and money laundering through inaction, further overwhelming already constrained law enforcement resources. It’s also a known fact that many of these domain registrations are funded with stolen money.
Abuse by Registrar
Registrar Quarterly: 2022-01-01 to 2022-12-31 (All Domains)
| Registrar | Q1:Total | Q2:Total | Q3:Total | Q4:Total | Period:Total |
|---|---|---|---|---|---|
| NAMECHEAP, INC. | 571 | 350 | 418 | 381 | 1720 |
| NAMESILO, LLC | 89 | 156 | 137 | 116 | 498 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 151 | 144 | 68 | 135 | 498 |
| OWNREGISTRAR, INC. | 59 | 93 | 47 | 63 | 262 |
| 1API GMBH | 57 | 32 | 52 | 68 | 209 |
| GODADDY.COM, LLC | 18 | 25 | 28 | 29 | 100 |
| DOMAINS.CO.ZA | 12 | 6 | 22 | 53 | 93 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 24 | 22 | 34 | 10 | 90 |
| HOSTINGER, UAB | 13 | 8 | 48 | 20 | 89 |
| WEB COMMERCE COMMUNICATIONS LIMITED DBA WEBNIC.CC | 19 | 16 | 6 | 35 | 76 |
| REGISTER DOMAIN SA | 12 | 46 | 15 | 2 | 75 |
| COSMOTOWN, INC. | 1 | 0 | 59 | 14 | 74 |
| ENOM, INC. | 25 | 12 | 17 | 15 | 69 |
| TUCOWS DOMAINS INC. | 12 | 6 | 27 | 13 | 58 |
| ALIBABA CLOUD | 14 | 37 | 3 | 1 | 55 |
| DYNADOT, LLC | 8 | 5 | 23 | 16 | 52 |
| DNS AFRICA LTD | 1 | 29 | 11 | 4 | 45 |
| UPPERLINK LIMITED | 34 | 6 | 2 | 1 | 43 |
| FREE SUBDOMAIN | 11 | 6 | 9 | 8 | 34 |
| HOSTAFRICA | 0 | 5 | 15 | 13 | 33 |
| INTERNET DOMAIN SERVICE BS CORP | 1 | 7 | 14 | 11 | 33 |
| REGISTRAR OF DOMAIN NAMES REG.RU | 32 | 1 | 0 | 0 | 33 |
| SHINJIRU MSC SDN BHD | 14 | 15 | 1 | 3 | 33 |
| TRUEHOST CLOUD LIMITED | 4 | 6 | 11 | 11 | 32 |
| ATAK TEKNOLOJI | 4 | 2 | 24 | 0 | 30 |
| HOSTKING.CO.ZA | 5 | 8 | 12 | 5 | 30 |
| VEHOST.CO.ZA | 17 | 5 | 5 | 1 | 28 |
| NAME.COM, INC. | 9 | 2 | 5 | 11 | 27 |
| FASTDOMAIN INC. | 3 | 4 | 15 | 1 | 23 |
| LAUNCHPAD.COM, INC. | 0 | 9 | 10 | 3 | 22 |
| BIGROCK SOLUTIONS LTD | 13 | 2 | 1 | 5 | 21 |
| NETEARTH ONE INC. D/B/A NETEARTH | 3 | 17 | 0 | 1 | 21 |
| NICENIC | 0 | 3 | 13 | 5 | 21 |
| ONLINENIC, INC. | 19 | 1 | 0 | 1 | 21 |
| WIX.COM LTD. | 6 | 4 | 5 | 4 | 19 |
| 1&1 INTERNET | 2 | 1 | 10 | 3 | 16 |
| PORKBUN, LLC | 3 | 9 | 1 | 3 | 16 |
| DREAMHOST, LLC | 4 | 7 | 2 | 1 | 14 |
| WHOGOHOST LIMITED | 0 | 0 | 6 | 8 | 14 |
| INSTRA CORPORATION PTY LTD. | 4 | 3 | 5 | 1 | 13 |
| 101DOMAIN GRS LIMITED | 1 | 9 | 2 | 0 | 12 |
| 123-REG LIMITED T/A 123-REG | 1 | 2 | 7 | 2 | 12 |
| WEB4AFRICA INC. | 3 | 6 | 3 | 0 | 12 |
| KEY-SYSTEMS GMBH | 2 | 2 | 4 | 3 | 11 |
| SA WEBHOSTS | 2 | 7 | 1 | 1 | 11 |
| SAV.COM, LLC | 5 | 0 | 3 | 3 | 11 |
| DENIC | 0 | 3 | 7 | 0 | 10 |
| GOOGLE LLC | 2 | 1 | 6 | 1 | 10 |
| EPAG DOMAINSERVICES GMBH | 1 | 3 | 3 | 2 | 9 |
| GMO | 3 | 3 | 1 | 2 | 9 |
| REALTIME REGISTER B.V. | 0 | 0 | 2 | 7 | 9 |
| CRAZY DOMAINS FZ-LLC | 0 | 1 | 2 | 5 | 8 |
| DOMAIN.COM, LLC | 2 | 1 | 3 | 2 | 8 |
| IN2NET NETWORK INC. | 2 | 4 | 0 | 2 | 8 |
| CENTER OF UKRAINIAN INTERNET NAMES DBA UKRNAMES | 3 | 0 | 3 | 1 | 7 |
| ERANET INTERNATIONAL LIMITED | 4 | 2 | 1 | 0 | 7 |
| GANDI SAS | 0 | 2 | 1 | 3 | 6 |
| NETIM SARL | 2 | 0 | 4 | 0 | 6 |
| AXXESS DSL | 2 | 3 | 0 | 0 | 5 |
| INSLYHOST.COM | 2 | 3 | 0 | 0 | 5 |
| LIQUIDNET LTD. | 0 | 3 | 2 | 0 | 5 |
| MIJN INTERNETOPLOSSING B.V. | 0 | 5 | 0 | 0 | 5 |
| MONIKER ONLINE SERVICES LLC | 0 | 0 | 1 | 4 | 5 |
| WEBAFRICA NETWORKS | 0 | 4 | 0 | 1 | 5 |
| 35.COM | 0 | 0 | 0 | 4 | 4 |
| FE.RU | 0 | 0 | 4 | 0 | 4 |
| REGISTER.COM, INC. | 1 | 2 | 0 | 1 | 4 |
| CNOBIN INFORMATION TECHNOLOGY LIMITED | 2 | 0 | 0 | 1 | 3 |
| DANESCO TRADING LTD. | 0 | 2 | 0 | 1 | 3 |
| EPIK INC. | 0 | 0 | 3 | 0 | 3 |
| FRIKKADEL | 1 | 0 | 0 | 2 | 3 |
| ICPS | 0 | 0 | 0 | 3 | 3 |
| NETWORK SOLUTIONS, LLC | 2 | 1 | 0 | 0 | 3 |
| 007NAMES, INC. | 0 | 0 | 0 | 2 | 2 |
| DNC HOLDINGS, INC. | 0 | 0 | 1 | 1 | 2 |
| ONE.COM A/S | 0 | 1 | 1 | 0 | 2 |
| PSI-USA, INC. DBA DOMAIN ROBOT | 0 | 0 | 2 | 0 | 2 |
| TLD REGISTRAR SOLUTIONS LTD. | 0 | 0 | 2 | 0 | 2 |
| URL SOLUTIONS, INC. | 0 | 0 | 1 | 1 | 2 |
| WILD WEST DOMAINS, LLC | 0 | 1 | 1 | 0 | 2 |
| XNEELO (PTY) LTD | 1 | 0 | 0 | 1 | 2 |
| AFRIHOST | 0 | 0 | 1 | 0 | 1 |
| AMPLEHOSTING | 0 | 0 | 1 | 0 | 1 |
| AUTOMATTIC INC. | 1 | 0 | 0 | 0 | 1 |
| BIZCN.COM, INC. | 0 | 0 | 1 | 0 | 1 |
| BOTTLE DOMAINS, INC. | 0 | 1 | 0 | 0 | 1 |
| CHENGDU WEST DIMENSION DIGITAL TECHNOLOGY CO., LTD. | 0 | 0 | 0 | 1 | 1 |
| DOMAINPEOPLE, INC. | 1 | 0 | 0 | 0 | 1 |
| DOMAINSHYPE.COM, INC | 0 | 0 | 0 | 1 | 1 |
| EURODNS S.A. | 0 | 1 | 0 | 0 | 1 |
| FREE DOMAIN | 1 | 0 | 0 | 0 | 1 |
| GRANSY S.R.O. D/B/A SUBREG.CZ | 0 | 1 | 0 | 0 | 1 |
| HOSTNOWNOW | 0 | 0 | 1 | 0 | 1 |
| INTERNET INVEST, LTD. DBA IMENA.UA | 0 | 0 | 0 | 1 | 1 |
| INWX GMBH & CO. KG | 0 | 0 | 1 | 0 | 1 |
| IVECLOUD | 1 | 0 | 0 | 0 | 1 |
| JIANGSU BANGNING SCIENCE AND TECHNOLOGY CO. LTD. | 0 | 0 | 0 | 1 | 1 |
| LIGNE WEB SERVICES SARL DBA LWS | 0 | 0 | 1 | 0 | 1 |
| NOTFOUND | 0 | 0 | 0 | 1 | 1 |
| R01-RU | 0 | 0 | 1 | 0 | 1 |
| REGTIME LTD. | 1 | 0 | 0 | 0 | 1 |
| SA DOMAIN | 0 | 0 | 1 | 0 | 1 |
| THE REGISTRY AT INFO AVENUE, LLC D/B/A SPIRIT COMMUNICATIONS | 1 | 0 | 0 | 0 | 1 |
| UA.IMENA | 1 | 0 | 0 | 0 | 1 |
| VAUTRON RECHENZENTRUM AG | 1 | 0 | 0 | 0 | 1 |
| WEBSPACEBAR | 0 | 1 | 0 | 0 | 1 |
| XIN NET TECHNOLOGY CORPORATION | 0 | 0 | 1 | 0 | 1 |
| ZA DOMAINS | 0 | 1 | 0 | 0 | 1 |
Registrar Quarterly: 2022-01-01 to 2022-12-31 (Active Domains)
| Registrar | Q1:Active | Q2:Active | Q3:Active | Q4:Active | Period:Active | Cumulative Active |
|---|---|---|---|---|---|---|
| NAMECHEAP, INC. | 172 | 106 | 182 | 182 | 642 | 908 |
| NAMESILO, LLC | 48 | 125 | 127 | 112 | 412 | 511 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 55 | 68 | 60 | 126 | 309 | 342 |
| OWNREGISTRAR, INC. | 22 | 66 | 35 | 63 | 186 | 286 |
| 1API GMBH | 29 | 29 | 48 | 63 | 169 | 199 |
| DOMAINS.CO.ZA | 4 | 5 | 20 | 51 | 80 | 100 |
| HOSTINGER, UAB | 7 | 7 | 46 | 19 | 79 | 137 |
| COSMOTOWN, INC. | 0 | 0 | 59 | 13 | 72 | 72 |
| GODADDY.COM, LLC | 7 | 15 | 17 | 28 | 67 | 179 |
| WEB COMMERCE COMMUNICATIONS LIMITED DBA WEBNIC.CC | 14 | 14 | 5 | 34 | 67 | 85 |
| HOSTING CONCEPTS B.V. DBA OPENPROVIDER | 15 | 16 | 22 | 8 | 61 | 109 |
| ENOM, INC. | 15 | 11 | 15 | 15 | 56 | 128 |
| DNS AFRICA LTD | 1 | 28 | 11 | 4 | 44 | 46 |
| DYNADOT, LLC | 2 | 4 | 22 | 15 | 43 | 61 |
| ALIBABA CLOUD | 11 | 22 | 2 | 1 | 36 | 40 |
| HOSTAFRICA | 0 | 5 | 15 | 13 | 33 | 35 |
| TUCOWS DOMAINS INC. | 5 | 5 | 13 | 10 | 33 | 80 |
| FREE SUBDOMAIN | 8 | 6 | 8 | 8 | 30 | 191 |
| TRUEHOST CLOUD LIMITED | 4 | 3 | 11 | 11 | 29 | 32 |
| INTERNET DOMAIN SERVICE BS CORP | 1 | 3 | 13 | 11 | 28 | 60 |
| HOSTKING.CO.ZA | 2 | 7 | 11 | 4 | 24 | 45 |
| NAME.COM, INC. | 6 | 1 | 4 | 11 | 22 | 43 |
| FASTDOMAIN INC. | 2 | 4 | 12 | 1 | 19 | 37 |
| NICENIC | 0 | 2 | 12 | 5 | 19 | 31 |
| SHINJIRU MSC SDN BHD | 6 | 8 | 1 | 3 | 18 | 34 |
| ATAK TEKNOLOJI | 1 | 1 | 14 | 0 | 16 | 16 |
| BIGROCK SOLUTIONS LTD | 8 | 1 | 1 | 4 | 14 | 15 |
| LAUNCHPAD.COM, INC. | 0 | 6 | 5 | 3 | 14 | 18 |
| NETEARTH ONE INC. D/B/A NETEARTH | 1 | 12 | 0 | 1 | 14 | 20 |
| WIX.COM LTD. | 4 | 3 | 3 | 4 | 14 | 21 |
| REGISTER DOMAIN SA | 0 | 9 | 3 | 1 | 13 | 17 |
| 1&1 INTERNET | 2 | 0 | 7 | 3 | 12 | 33 |
| WHOGOHOST LIMITED | 0 | 0 | 4 | 8 | 12 | 13 |
| SA WEBHOSTS | 2 | 7 | 1 | 1 | 11 | 13 |
| DREAMHOST, LLC | 3 | 4 | 2 | 1 | 10 | 12 |
| KEY-SYSTEMS GMBH | 2 | 1 | 4 | 3 | 10 | 18 |
| EPAG DOMAINSERVICES GMBH | 1 | 3 | 3 | 2 | 9 | 34 |
| ONLINENIC, INC. | 7 | 1 | 0 | 1 | 9 | 17 |
| REALTIME REGISTER B.V. | 0 | 0 | 2 | 7 | 9 | 13 |
| 123-REG LIMITED T/A 123-REG | 1 | 0 | 5 | 2 | 8 | 8 |
| DENIC | 0 | 3 | 5 | 0 | 8 | 9 |
| WEB4AFRICA INC. | 1 | 4 | 3 | 0 | 8 | 15 |
| GOOGLE LLC | 0 | 1 | 5 | 1 | 7 | 11 |
| SAV.COM, LLC | 2 | 0 | 3 | 2 | 7 | 12 |
| VEHOST.CO.ZA | 2 | 2 | 2 | 1 | 7 | 8 |
| IN2NET NETWORK INC. | 1 | 3 | 0 | 2 | 6 | 6 |
| PORKBUN, LLC | 0 | 4 | 0 | 2 | 6 | 13 |
| UPPERLINK LIMITED | 2 | 1 | 2 | 1 | 6 | 23 |
| CENTER OF UKRAINIAN INTERNET NAMES DBA UKRNAMES | 1 | 0 | 3 | 1 | 5 | 12 |
| DOMAIN.COM, LLC | 2 | 1 | 0 | 2 | 5 | 8 |
| INSTRA CORPORATION PTY LTD. | 0 | 1 | 4 | 0 | 5 | 30 |
| LIQUIDNET LTD. | 0 | 3 | 2 | 0 | 5 | 5 |
| MIJN INTERNETOPLOSSING B.V. | 0 | 5 | 0 | 0 | 5 | 5 |
| MONIKER ONLINE SERVICES LLC | 0 | 0 | 1 | 4 | 5 | 11 |
| 35.COM | 0 | 0 | 0 | 4 | 4 | 4 |
| ERANET INTERNATIONAL LIMITED | 3 | 1 | 0 | 0 | 4 | 5 |
| FE.RU | 0 | 0 | 4 | 0 | 4 | 4 |
| NETIM SARL | 0 | 0 | 4 | 0 | 4 | 5 |
| REGISTRAR OF DOMAIN NAMES REG.RU | 4 | 0 | 0 | 0 | 4 | 28 |
| WEBAFRICA NETWORKS | 0 | 3 | 0 | 1 | 4 | 16 |
| 101DOMAIN GRS LIMITED | 0 | 2 | 1 | 0 | 3 | 5 |
| AXXESS DSL | 1 | 2 | 0 | 0 | 3 | 5 |
| CRAZY DOMAINS FZ-LLC | 0 | 0 | 0 | 3 | 3 | 22 |
| EPIK INC. | 0 | 0 | 3 | 0 | 3 | 3 |
| GANDI SAS | 0 | 1 | 1 | 1 | 3 | 6 |
| GMO | 1 | 1 | 0 | 1 | 3 | 4 |
| ICPS | 0 | 0 | 0 | 3 | 3 | 3 |
| REGISTER.COM, INC. | 1 | 1 | 0 | 1 | 3 | 12 |
| 007NAMES, INC. | 0 | 0 | 0 | 2 | 2 | 2 |
| DANESCO TRADING LTD. | 0 | 1 | 0 | 1 | 2 | 2 |
| DNC HOLDINGS, INC. | 0 | 0 | 1 | 1 | 2 | 3 |
| FRIKKADEL | 0 | 0 | 0 | 2 | 2 | 2 |
| TLD REGISTRAR SOLUTIONS LTD. | 0 | 0 | 2 | 0 | 2 | 16 |
| URL SOLUTIONS, INC. | 0 | 0 | 1 | 1 | 2 | 3 |
| XNEELO (PTY) LTD | 1 | 0 | 0 | 1 | 2 | 6 |
| AFRIHOST | 0 | 0 | 1 | 0 | 1 | 2 |
| AMPLEHOSTING | 0 | 0 | 1 | 0 | 1 | 4 |
| AUTOMATTIC INC. | 1 | 0 | 0 | 0 | 1 | 1 |
| BIZCN.COM, INC. | 0 | 0 | 1 | 0 | 1 | 1 |
| BOTTLE DOMAINS, INC. | 0 | 1 | 0 | 0 | 1 | 0 |
| CHENGDU WEST DIMENSION DIGITAL TECHNOLOGY CO., LTD. | 0 | 0 | 0 | 1 | 1 | 1 |
| DOMAINSHYPE.COM, INC | 0 | 0 | 0 | 1 | 1 | 2 |
| EURODNS S.A. | 0 | 1 | 0 | 0 | 1 | 2 |
| FREE DOMAIN | 1 | 0 | 0 | 0 | 1 | 6 |
| HOSTNOWNOW | 0 | 0 | 1 | 0 | 1 | 0 |
| INSLYHOST.COM | 1 | 0 | 0 | 0 | 1 | 2 |
| INTERNET INVEST, LTD. DBA IMENA.UA | 0 | 0 | 0 | 1 | 1 | 1 |
| INWX GMBH & CO. KG | 0 | 0 | 1 | 0 | 1 | 1 |
| JIANGSU BANGNING SCIENCE AND TECHNOLOGY CO. LTD. | 0 | 0 | 0 | 1 | 1 | 2 |
| LIGNE WEB SERVICES SARL DBA LWS | 0 | 0 | 1 | 0 | 1 | 10 |
| NETWORK SOLUTIONS, LLC | 0 | 1 | 0 | 0 | 1 | 6 |
| NOTFOUND | 0 | 0 | 0 | 1 | 1 | 2 |
| ONE.COM A/S | 0 | 1 | 0 | 0 | 1 | 1 |
| R01-RU | 0 | 0 | 1 | 0 | 1 | 1 |
| SA DOMAIN | 0 | 0 | 1 | 0 | 1 | 1 |
| UA.IMENA | 1 | 0 | 0 | 0 | 1 | 1 |
| WILD WEST DOMAINS, LLC | 0 | 0 | 1 | 0 | 1 | 10 |
| XIN NET TECHNOLOGY CORPORATION | 0 | 0 | 1 | 0 | 1 | 1 |
| CNOBIN INFORMATION TECHNOLOGY LIMITED | 0 | 0 | 0 | 0 | 0 | 0 |
| DOMAINPEOPLE, INC. | 0 | 0 | 0 | 0 | 0 | 0 |
| GRANSY S.R.O. D/B/A SUBREG.CZ | 0 | 0 | 0 | 0 | 0 | 5 |
| IVECLOUD | 0 | 0 | 0 | 0 | 0 | 0 |
| PSI-USA, INC. DBA DOMAIN ROBOT | 0 | 0 | 0 | 0 | 0 | 1 |
| REGTIME LTD. | 0 | 0 | 0 | 0 | 0 | 1 |
| THE REGISTRY AT INFO AVENUE, LLC D/B/A SPIRIT COMMUNICATIONS | 0 | 0 | 0 | 0 | 0 | 0 |
| VAUTRON RECHENZENTRUM AG | 0 | 0 | 0 | 0 | 0 | 0 |
| WEBSPACEBAR | 0 | 0 | 0 | 0 | 0 | 0 |
| ZA DOMAINS | 0 | 0 | 0 | 0 | 0 | 0 |
Abuse by TLD, ccTLD and Free Sub-Domain
Domains by TLD: Quarterly 2022-01-01 to 2022-12-31 (All Domains)
| Domain End | Q1:Total | Q2:Total | Q3:Total | Q4:Total | Period:Total |
|---|---|---|---|---|---|
| com | 1045 | 923 | 925 | 852 | 3745 |
| co.za | 117 | 134 | 145 | 159 | 555 |
| org | 43 | 31 | 30 | 21 | 125 |
| online | 28 | 20 | 26 | 14 | 88 |
| net | 22 | 18 | 20 | 12 | 72 |
| us | 11 | 3 | 15 | 8 | 37 |
| co.uk | 10 | 7 | 4 | 9 | 30 |
| de | 2 | 4 | 16 | 6 | 28 |
| com.au | 2 | 1 | 11 | 8 | 22 |
| shop | 2 | 4 | 7 | 9 | 22 |
| info | 2 | 3 | 11 | 2 | 18 |
| co | 2 | 2 | 4 | 6 | 14 |
| store | 1 | 0 | 6 | 6 | 13 |
| xyz | 3 | 6 | 0 | 1 | 10 |
| site | 1 | 2 | 3 | 2 | 8 |
| cc | 0 | 3 | 1 | 3 | 7 |
| eu | 3 | 3 | 1 | 0 | 7 |
| live | 0 | 0 | 6 | 1 | 7 |
| biz | 1 | 3 | 0 | 1 | 5 |
| weebly.com | 3 | 0 | 1 | 1 | 5 |
| se | 0 | 0 | 4 | 0 | 4 |
| su | 0 | 0 | 4 | 0 | 4 |
| world | 1 | 3 | 0 | 0 | 4 |
| blogspot.com | 1 | 0 | 0 | 2 | 3 |
| business.site | 0 | 2 | 1 | 0 | 3 |
| icu | 1 | 0 | 2 | 0 | 3 |
| in | 0 | 2 | 1 | 0 | 3 |
| kz | 0 | 0 | 0 | 3 | 3 |
| uk | 1 | 1 | 1 | 0 | 3 |
| wixsite.com | 0 | 0 | 1 | 2 | 3 |
| wordpress.com | 3 | 0 | 0 | 0 | 3 |
| zohosites.com | 1 | 0 | 1 | 1 | 3 |
| com.ng | 0 | 0 | 1 | 1 | 2 |
| delivery | 1 | 0 | 1 | 0 | 2 |
| epizy.com | 0 | 0 | 2 | 0 | 2 |
| homes | 0 | 0 | 1 | 1 | 2 |
| ltd | 1 | 0 | 1 | 0 | 2 |
| monster | 2 | 0 | 0 | 0 | 2 |
| nl | 1 | 1 | 0 | 0 | 2 |
| site123.me | 0 | 0 | 1 | 1 | 2 |
| support | 2 | 0 | 0 | 0 | 2 |
| tech | 1 | 1 | 0 | 0 | 2 |
| webnode.page | 0 | 1 | 0 | 1 | 2 |
| yolasite.com | 1 | 1 | 0 | 0 | 2 |
| ae | 0 | 1 | 0 | 0 | 1 |
| best | 0 | 1 | 0 | 0 | 1 |
| br.com | 0 | 0 | 1 | 0 | 1 |
| cash | 1 | 0 | 0 | 0 | 1 |
| charity | 1 | 0 | 0 | 0 | 1 |
| cn | 0 | 0 | 1 | 0 | 1 |
| co.com | 0 | 1 | 0 | 0 | 1 |
| com.ua | 1 | 0 | 0 | 0 | 1 |
| company.site | 0 | 0 | 1 | 0 | 1 |
| dog | 0 | 0 | 1 | 0 | 1 |
| 0 | 1 | 0 | 0 | 1 | |
| farm | 1 | 0 | 0 | 0 | 1 |
| fund | 1 | 0 | 0 | 0 | 1 |
| ga | 0 | 0 | 1 | 0 | 1 |
| group | 0 | 0 | 0 | 1 | 1 |
| life | 0 | 0 | 0 | 1 | 1 |
| ml | 1 | 0 | 0 | 0 | 1 |
| net.in | 1 | 0 | 0 | 0 | 1 |
| org.za | 1 | 0 | 0 | 0 | 1 |
| pl | 0 | 0 | 0 | 1 | 1 |
| ru | 0 | 0 | 1 | 0 | 1 |
| space | 1 | 0 | 0 | 0 | 1 |
| top | 0 | 1 | 0 | 0 | 1 |
| trycloudflare.com | 1 | 0 | 0 | 0 | 1 |
| ueniweb.com | 0 | 1 | 0 | 0 | 1 |
| webflow.io | 0 | 1 | 0 | 0 | 1 |
| webnode.com | 1 | 0 | 0 | 0 | 1 |
| x10.bz | 0 | 0 | 1 | 0 | 1 |
Domains by TLD: Quarterly 2022-01-01 to 2022-12-31 (Active Domains)
| Domain End | Q1:Active | Q2:Active | Q3:Active | Q4:Active | Period:Active | Cumulative Active |
|---|---|---|---|---|---|---|
| com | 390 | 518 | 630 | 645 | 2183 | 3267 |
| co.za | 48 | 75 | 123 | 150 | 396 | 530 |
| org | 12 | 15 | 20 | 18 | 65 | 104 |
| net | 13 | 8 | 16 | 9 | 46 | 102 |
| online | 0 | 4 | 16 | 11 | 31 | 46 |
| de | 1 | 4 | 13 | 4 | 22 | 30 |
| co.uk | 4 | 4 | 3 | 9 | 20 | 30 |
| us | 5 | 1 | 9 | 4 | 19 | 41 |
| info | 1 | 2 | 9 | 2 | 14 | 16 |
| shop | 0 | 1 | 3 | 9 | 13 | 13 |
| store | 0 | 0 | 4 | 5 | 9 | 10 |
| co | 0 | 1 | 2 | 4 | 7 | 10 |
| live | 0 | 0 | 6 | 1 | 7 | 7 |
| eu | 3 | 2 | 1 | 0 | 6 | 11 |
| biz | 1 | 3 | 0 | 1 | 5 | 9 |
| se | 0 | 0 | 4 | 0 | 4 | 8 |
| site | 0 | 1 | 1 | 2 | 4 | 6 |
| su | 0 | 0 | 4 | 0 | 4 | 4 |
| weebly.com | 2 | 0 | 1 | 1 | 4 | 11 |
| blogspot.com | 1 | 0 | 0 | 2 | 3 | 23 |
| business.site | 0 | 2 | 1 | 0 | 3 | 13 |
| com.au | 0 | 0 | 0 | 3 | 3 | 18 |
| in | 0 | 2 | 1 | 0 | 3 | 6 |
| kz | 0 | 0 | 0 | 3 | 3 | 3 |
| wixsite.com | 0 | 0 | 1 | 2 | 3 | 32 |
| wordpress.com | 3 | 0 | 0 | 0 | 3 | 21 |
| zohosites.com | 1 | 0 | 1 | 1 | 3 | 6 |
| cc | 0 | 0 | 0 | 2 | 2 | 2 |
| com.ng | 0 | 0 | 1 | 1 | 2 | 4 |
| homes | 0 | 0 | 1 | 1 | 2 | 3 |
| site123.me | 0 | 0 | 1 | 1 | 2 | 7 |
| support | 2 | 0 | 0 | 0 | 2 | 2 |
| webnode.page | 0 | 1 | 0 | 1 | 2 | 2 |
| yolasite.com | 1 | 1 | 0 | 0 | 2 | 12 |
| ae | 0 | 1 | 0 | 0 | 1 | 1 |
| br.com | 0 | 0 | 1 | 0 | 1 | 1 |
| cash | 1 | 0 | 0 | 0 | 1 | 1 |
| charity | 1 | 0 | 0 | 0 | 1 | 1 |
| cn | 0 | 0 | 1 | 0 | 1 | 1 |
| com.ua | 1 | 0 | 0 | 0 | 1 | 2 |
| company.site | 0 | 0 | 1 | 0 | 1 | 1 |
| delivery | 0 | 0 | 1 | 0 | 1 | 1 |
| dog | 0 | 0 | 1 | 0 | 1 | 1 |
| epizy.com | 0 | 0 | 1 | 0 | 1 | 1 |
| farm | 1 | 0 | 0 | 0 | 1 | 1 |
| fund | 1 | 0 | 0 | 0 | 1 | 1 |
| ga | 0 | 0 | 1 | 0 | 1 | 2 |
| group | 0 | 0 | 0 | 1 | 1 | 1 |
| icu | 0 | 0 | 1 | 0 | 1 | 2 |
| life | 0 | 0 | 0 | 1 | 1 | 1 |
| ml | 1 | 0 | 0 | 0 | 1 | 3 |
| nl | 0 | 1 | 0 | 0 | 1 | 4 |
| pl | 0 | 0 | 0 | 1 | 1 | 3 |
| ru | 0 | 0 | 1 | 0 | 1 | 1 |
| ueniweb.com | 0 | 1 | 0 | 0 | 1 | 1 |
| uk | 0 | 1 | 0 | 0 | 1 | 1 |
| webflow.io | 0 | 1 | 0 | 0 | 1 | 1 |
| world | 0 | 1 | 0 | 0 | 1 | 1 |
| x10.bz | 0 | 0 | 1 | 0 | 1 | 1 |
| xyz | 0 | 1 | 0 | 0 | 1 | 1 |
| best | 0 | 0 | 0 | 0 | 0 | 0 |
| co.com | 0 | 0 | 0 | 0 | 0 | 0 |
| 0 | 0 | 0 | 0 | 0 | 0 | |
| ltd | 0 | 0 | 0 | 0 | 0 | 0 |
| monster | 0 | 0 | 0 | 0 | 0 | 0 |
| net.in | 0 | 0 | 0 | 0 | 0 | 0 |
| org.za | 0 | 0 | 0 | 0 | 0 | 1 |
| space | 0 | 0 | 0 | 0 | 0 | 0 |
| tech | 0 | 0 | 0 | 0 | 0 | 0 |
| top | 0 | 0 | 0 | 0 | 0 | 1 |
| trycloudflare.com | 0 | 0 | 0 | 0 | 0 | 0 |
| webnode.com | 0 | 0 | 0 | 0 | 0 | 5 |
com: Excludes zohosites.com wordpress.com yolasite.com weebly.com trycloudflare.com webnode.com blogspot.com co.com ueniweb.com epizy.com wixsite.com br.com
uk: Excludes co.uk
site: Excludes business.site company.site
in: Excludes net.in
The co.za ccTLD Abuse
In 2022, the .co.za ccTLD was once again the second most abused TLD after .com. These statistics shows via which sponsoring registrar this abuse occurred.
.co.za ccTLD Quarterly: 2022-01-01 to 2022-12-31 (All Domains)
| Registrar | Q1:Total | Q2:Total | Q3:Total | Q4:Total | Period:Total |
|---|---|---|---|---|---|
| 1API GMBH | 55 | 31 | 48 | 67 | 201 |
| DOMAINS.CO.ZA | 11 | 4 | 16 | 49 | 80 |
| REGISTER DOMAIN SA | 12 | 46 | 15 | 2 | 75 |
| HOSTAFRICA | 0 | 5 | 15 | 13 | 33 |
| TRUEHOST CLOUD LIMITED | 4 | 6 | 11 | 11 | 32 |
| HOSTKING.CO.ZA | 5 | 8 | 12 | 5 | 30 |
| VEHOST.CO.ZA | 17 | 5 | 5 | 1 | 28 |
| SA WEBHOSTS | 2 | 7 | 1 | 1 | 11 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 0 | 4 | 5 | 1 | 10 |
| EPAG DOMAINSERVICES GMBH | 1 | 3 | 3 | 2 | 9 |
| 1&1 INTERNET | 1 | 1 | 6 | 0 | 8 |
| AXXESS DSL | 2 | 3 | 0 | 0 | 5 |
| INSLYHOST.COM | 2 | 3 | 0 | 0 | 5 |
| INSTRA CORPORATION PTY LTD. | 2 | 2 | 1 | 0 | 5 |
| WEBAFRICA NETWORKS | 0 | 4 | 0 | 1 | 5 |
| DNS AFRICA LTD | 0 | 0 | 1 | 3 | 4 |
| FRIKKADEL | 1 | 0 | 0 | 2 | 3 |
| WEB4AFRICA INC. | 0 | 0 | 2 | 0 | 2 |
| XNEELO (PTY) LTD | 1 | 0 | 0 | 1 | 2 |
| AFRIHOST | 0 | 0 | 1 | 0 | 1 |
| AMPLEHOSTING | 0 | 0 | 1 | 0 | 1 |
| GANDI SAS | 0 | 0 | 1 | 0 | 1 |
| IVECLOUD | 1 | 0 | 0 | 0 | 1 |
| SA DOMAIN | 0 | 0 | 1 | 0 | 1 |
| WEBSPACEBAR | 0 | 1 | 0 | 0 | 1 |
| ZA DOMAINS | 0 | 1 | 0 | 0 | 1 |
.co.za ccTLD Quarterly: 2022-01-01 to 2022-12-31 (Active Domains)
| Registrar | Q1:Active | Q2:Active | Q3:Active | Q4:Active | Period:Active | Cumulative Active |
|---|---|---|---|---|---|---|
| 1API GMBH | 29 | 28 | 46 | 62 | 165 | 192 |
| DOMAINS.CO.ZA | 4 | 3 | 14 | 47 | 68 | 86 |
| HOSTAFRICA | 0 | 5 | 15 | 13 | 33 | 35 |
| TRUEHOST CLOUD LIMITED | 4 | 3 | 11 | 11 | 29 | 32 |
| HOSTKING.CO.ZA | 2 | 7 | 11 | 4 | 24 | 45 |
| REGISTER DOMAIN SA | 0 | 9 | 3 | 1 | 13 | 17 |
| SA WEBHOSTS | 2 | 7 | 1 | 1 | 11 | 13 |
| EPAG DOMAINSERVICES GMBH | 1 | 3 | 3 | 2 | 9 | 33 |
| PDR LTD. D/B/A PUBLICDOMAINREGISTRY.COM | 0 | 2 | 4 | 1 | 7 | 7 |
| VEHOST.CO.ZA | 2 | 2 | 2 | 1 | 7 | 8 |
| 1&1 INTERNET | 1 | 0 | 5 | 0 | 6 | 6 |
| DNS AFRICA LTD | 0 | 0 | 1 | 3 | 4 | 6 |
| WEBAFRICA NETWORKS | 0 | 3 | 0 | 1 | 4 | 16 |
| AXXESS DSL | 1 | 2 | 0 | 0 | 3 | 5 |
| FRIKKADEL | 0 | 0 | 0 | 2 | 2 | 2 |
| INSTRA CORPORATION PTY LTD. | 0 | 1 | 1 | 0 | 2 | 5 |
| WEB4AFRICA INC. | 0 | 0 | 2 | 0 | 2 | 2 |
| XNEELO (PTY) LTD | 1 | 0 | 0 | 1 | 2 | 6 |
| AFRIHOST | 0 | 0 | 1 | 0 | 1 | 2 |
| AMPLEHOSTING | 0 | 0 | 1 | 0 | 1 | 4 |
| GANDI SAS | 0 | 0 | 1 | 0 | 1 | 1 |
| INSLYHOST.COM | 1 | 0 | 0 | 0 | 1 | 2 |
| SA DOMAIN | 0 | 0 | 1 | 0 | 1 | 1 |
| IVECLOUD | 0 | 0 | 0 | 0 | 0 | 0 |
| WEBSPACEBAR | 0 | 0 | 0 | 0 | 0 | 0 |
| ZA DOMAINS | 0 | 0 | 0 | 0 | 0 | 0 |
Note to registrars, registries and law enforcement
Artists Against 419 does not just say it, we can also prove it. We record numerous attributes for each entry in our database. While some of these are publicly visible at https://db.aa419.org, we record additional evidence of maliciousness. These includes website snapshots with embedded EXIF data, source code of interesting pages, email headers and/or linking data.
We appreciate outreach from any registrar and registry alike where they are keen to understand the nature of this maliciousness and wish to mitigate. You are the parties either abused or used as an entry point for this fraud on the web. The choice is yours to be part of the solution or the problem. Remember, these domains are purchased with the proceeds of fraud to facilitate further fraud.
We may mitigate till the cows come home to protect consumers, but you are the parties that ultimately stop this illegal abuse.
We do not charge any fees for such cooperation.