KnujOn.com - The Internet Buck Stops Here

Current Abuse and Compliance Statistics Updated: 1/21/2012 7:21:32 PM EST

Registrars Abuse Overall: 1. ENOM 2. GODADDY 3. .ru 4. OVERSEE 5. NETWORKSOLUTIONS	Owners/Registrants Overall Abused: 1. privacyprotect@dynamicdolphin.com 2. contact@privacyprotect.org 3. adambengur@yahoo.com 4. designshadows@yahoo.com 5. brokerage@buydomains.com
Hosts/IPs/ISPs Overall Absued: 1. 195.178.160.40 2. 68.178.232.100 3. 64.202.189.170 4. 208.73.210.29 5. 64.95.64.197	Nameservers Overall Absued: 1. DNS1.REGISTRAR-SERVERS.COM 2. DNS1.NAME-SERVICES.COM 3. NS1.MONIKERDNS.NET 4. NS1.DOMAINSITE.COM 5. NS1.SEDOPARKING.COM

Port 43 WHOIS Availability Failures for 1/21/2012

1 DOMAIN SOURCE    ABSYSTEMS    ADD2NET INC.    AIM HIGH!
BLACKNIGHT    COMPANA LLC    CV. Jogjacamp    DOMAIN MONKEYS LLC
HECTA MEDIA    ID GENESIS    IHS TELEKOM INC.    INTERNET VIENNAWEB
IWELT AG *    KOMPLEX.NET GMBH    NAME FOR NAME    NAMESHIELD
NEW GREAT DOMAINS    PORTING ACCESS B.V.    SCHUECHTERNET LTD D    SEDO.COM LLC
SITENAME.COM LLC    USA INTRA CORP.    VOCALSPACE    WEB BUSINESS LLC.
ZOG MEDIA *
"3.3.1 At its expense, Registrar shall provide an interactive web page and a port 43 Whois service providing free public query-based access to up-to-date (i.e., updated at least daily) data concerning all active Registered Names sponsored by Registrar for each TLD in which it is accredited."
* = Registrar is in breach

December 2011 Port 43 WHOIS Test Results
FUNPEASMEDIA 82% Failure, INTERNETGROUPDOBRASIL 69% Failure, ATECHNOLOGYCOM 60% Failure, VISESHINFOTECNICS 60% Failure, DOMAINREGI 56% Failure, HOOYOO 52% Failure, LIMELABS 52% Failure, REGTIME 52% Failure, KUWAITNET 47% Failure, DOMAINZLIMITED 39% Failure, HOOYOOUS 39% Failure, WEBZERO 26% Failure, INTERDOMSA 21% Failure, DOMAINREGISTRY.COM 17%, NETDORM 17% Failure.

KnujOn's Dakar Agenda

Registrars still failing basic compliance

It is with great disappointment that we must report some Registrars remain out of compliance for the same issues first reported in June 2011 by KnujOn. Resolutions:
Publishing of the Lifecycle of Registrar Breach Notices

In the interest of transparency and accountability ICANN should publish the full lifecycle of contractual breaches. Currently, the results of breach notices posted by compliance are only known if the Registrar is terminated. Some cure notices are posted but this is done in an Ad Hoc fashion. The following Registrars appear to be in perpetual breach of contract with no closure (Breaches must be cured in 15 Days):
Publishing of Registrar proof of compliance

ICANN compliance should publish an annual audit of Registrar compliance on each section of the RAA, sharing the results with the community in a public report as well as a fixed posting of basic compliance data within the ICANN website. This compliance data should include for each Registrar:
Current legal issues of certain Registrars
OnlineNIC settled cybersquatting suits with Verizon, Microsoft and Yahoo in 2009. While a settlement may have saved OnlineNIC from a violation under RAA 5.3.2, OnlineNIC has in doing so admitted to warehousing domain names for speculation. Resolution: We request an investigation of this situation and a public statement of the findings.
Review of Registrar WDPRS response (Updated 01.09.12)

Pending Rogue Registrar Scoring
Based on responses to complaints and follow-up in this area we are drafting a list of rogue Registrars. At this time the following Registrars (but not limited to) may be designated as rogue: NetLynx, BizCN, eNom, OnlineNIC, Core, Joker, URL Solutions (list to be updated and may include Registrars with other issues).

Update from 11/20/11
The chart below shows the results of a recent study by KnujOn in terms of follow-up compliance with WHOIS inaccuracy complaints filed by KnujOn. This is about response, not just volume. While some Registrars have many abusive domains with false WHOIS, in addressing complaints the issues are resolved. In the case of NetLynx the number of unresolved complaints indicates possible problems at this Registrar. Fortunately, Net-Chinese Co deleted EVERY domain in the complaints, Thanks! Each complaint was the result of a false WHOIS record found while investigating spammed domains reported by KnujOn members. The first column next to each Registrar name indicates the total number of false WHOIS complaints, the second has the number of domains deleted after the complaints were filed, and the third shows specifically how many illicit pharmacy domains remain online regardless of the complaints. The last shows the number of domains still online beyond the ICANN lifecycle deadline (See previous chart).

KnujOn Confirms Hostexploit.com '11 Q3 Report: HostExploit has flagged Oversee in its "Top 50 Bad Hosts & Networks 2011 Q3" Report as the "#1 Bad Host." Knujon can confirm this. The IP 208.73.210.29 (OVERSEE-NET-2) is our #5 overall host of spammed domains, Moniker (Oversee affiliate) is our #4 biggest sponsor of spammed domain names, and NS1.MONIKERDNS.NET (Oversee affiliate) is our #3 worst nameserver for spammed domains. The above chart also ranks Moniker as the 6th worst Registrar in terms of false WHOIS with a surprising number of illicit pharmacy domains enduring beyond the complaint cycle. Review Moniker-Sponsored "No Prescription" Pharmacy Domains (.PDF)

KnujOn - Turning your spam into a safer Internet

KnujOn.com/blog: Governments clash with Registrars over law enforcement changes

KnujOn.com, LLC is an independent, non-sponsored abuse handler and Internet security research company based in Boston, Massachusetts and Wilmington, Vermont. KnujOn accepts abuse data in the form of spam and other security threats to develop a clear picture of conditions facing the Internet. KnujOn builds profiles of online criminal groups, evaluates the quality of Registrars and Internet Service Providers, issues WHOIS challenges, documents policy failures, tests compliance mechanisms, issues reports to law enforcement, and educates the public about complex Internet security issues. We see our role as one of assisting the ordinary Internet user in navigating the complex technical bureaucracy of the global network and augmenting public services in the face of rampant illicit electronic traffic.

Contact KnujOn email: contact@KnujOn.com LinkedIn

KnujOn Forums and Discussions KnujOn Members Forum - M.I.T. Anti-Spam Conference

Follow KnujOn CricleID, Twitter, Internet Governance Forum, and ICANN At-Large

Learn about KnujOn Wikipedia About - Submit Spam - Join - FAQ - Choose your level of involvement - DATA

Get a KnujOn Account!

First Name: Last Name:

Contact Email: - Only for issuing reports, no marketing, address never sold

Do you want your email used in opt-out requests? What is this?

Country: (optional - for statistical purposes and ICANN representation)

I agree to these terms
I would like to support KnujOn with a voluntary Donation what is this?

Membership Benefits
{confirmation required in javascript pop-up}

KnujOn Services Policy Research, Analysis, Development Spam processing(for enforcement) Network and website penetration testing Solutions:

Personal: KnujOn.com is proud to help individuals with their junk mail problems. Personal email application.

Law Enforcement Forensic Tool: KnujOn is designed to collect and sort data for investigations and data analysis. For a demonstration or more information please email contact@knujon.com.

Support Us

{top}

Utilities and Submission Methods

Spam and Abuse - Spam isn't about who sent it, it's about who benefits from it.

How to submit
Forward SPAM email to KNUJON@COLDRAIN.NET
Additional addresses for:

Career/Job/Resume Spam:	jobphishing@coldrain.net
Forum Spam:	forumjunk@coldrain.net
Junk Faxes:	junkfaxes@coldrain.net
Counterfeit products:	fake@coldrain.net
Software Piracy:	swpiracy@coldrain.net
Deposit Scams:	depositscams@coldrain.net
Phishing attempts:	phishing@coldrain.net
Prescription Drug Junk:	rx@coldrain.net
Stock Junk:	stockjunk@coldrain.net