KnujOn (nûj-ôn)



90% of the Illicit Sites Tracked by KnujOn Clustered at 20 registrars.

The 10 Worst Registrars in terms of spam advertised junk product sites and compliance failure

  1. Xinnet Bei Gong Da Software
  2. BEIJING Networks
  3. Todaynic
  4. Joker
  5. eNom, Inc.
  6. MONIKER
  7. Dynamic Dolphin
  8. The Nameit Co/AITDOMAINS.COM
  9. PDR
  10. Intercosmos/DIRECTNIC
4 Companies Control Bulk of U.S. Registrar Accreditations
70 Registrars are in mystery locations
La liste noire des registrars
Analysis: Crackdown on domain name crooks
The Spam Balloon
"Worst Spam Offenders" Notified by ICANN
ICANN Responds to KnujOn Report, Issues Notices to Non-Compliant Registrars
Scott Richter is a registrar?
New Study May Hold Key to Blocking Spam
Wall of shame: 10 worst registrars
Spam domains use small number of registrars
Most Spam Sites Tied to a Handful of Registrars
20 registrars control 90% of illicit domains, says Knujon
Whittling spam down to a manageable level
90% of the Illicit Sites Tracked by KnujOn Clustered at 20 registrars
What is a registrar?
What is an Illicit Domain?
How were the 10 worst rated?
Are the sites/domains in question sending spam?
Scoring factors and metrics


What is a registrar?
Registrars are companies that have been granted authority to issue domain names. Domain names are the "mywebsite.com" names that stand in place of the literal Internet Protocol address (IP) that designates where the web content is served from, i.e. 123.0.123.0. This is similar to saying "Joe's House" instead of "94 West Street Apt 2, Phoenix, Arizona 96782-1234, United States". Domain names are easier to remember and more descriptive.

Because of the large responsibility and power endowed to registrars by the Internet Corporation of Assigned Names and Numbers (ICANN) registrars have a strict set rules they must abide by. However, KnujOn has found that a minority of registrars are skirting these rules and the result is a vacuum with little enforcement or oversight that online criminals have filled with websites selling bogus prescription drugs, knockoff luxury products, pirated software, fake consumer goods, and phantom mortgages. The activities behind this illicit traffic and the products themselves represent serious threats to personal health and safety as we at the economy in general. Learn more about the path of fake products sold in spam. (PPT)


What is an Illicit Domain?
For the purposes of this research an Illicit Domain is generally defined by the following three characteristics:
  1. Advertised using spam, whether email, IM, fax, SMS, blogs, forums, etc.
  2. The site promotes products or services that are either: illegal, dangerous, stolen, counterfeited, pirated, hijacked, contraband, diverted, misrepresented, deceptive, or even non-existent.
  3. The owners use identity theft, corporate obfuscation, forged industry licenses, brandjacking, registration fraud, lifted web content, or stolen credit cards as a standard procedures to set up transaction sites



How were the 10 worst rated?
Not every registrar is the same size. Some registrars have millions of domains while others only a few hundred. We took this into consideration and compared the number of reported spam-advertized junk product sites to the total number domains held by the registrar. We have also included the KnujOn Aggression rating which measures the volume of reported spam messages compared with other registrars and contrasted against the total number of domains held by the specific registrar. KnujOn accepts tens of thousands of junk email samples from the public every day. The bulk of samples used in this study we processed in 2007. The rate of inaccurate registration records and the number of sites featuring trademarked goods are also measured. Finally, the individual scores of each registrar were compared against their peers in order to highlight where the trouble spots are. By looking a many factors we see where certain registrars are failing the consumer, their own customers and their official obligations to the Internet community. Email users continually ask "why do I still get spam?" The answer is that a lack of oversight, auditing and enforcement have allowed a structure to develop inside the Internet that supports spam and illicit product traffic on the Internet.


Are the sites/domains in question sending spam?
No. This is an important distinction. Spam is typically sent from compromised networks and computers unbeknownst to the owners through a variety of Malware. KnujOn is not primarily focused on the spam sending operations (botnets). KnujOn's work in this case deals with the advertised sites where actual transactions take place. In this case a transaction could be an exchange of money for junk products, an theft of money, a theft of identity/information, and/or the delivery of malware to a victim's machine. It would be rare for an advertised illicit site to actually be sending spam. The distribution of the spam-illicit-product operation provides a layer of obfuscation and deniability for those profiting from spam advertising. KnujOn believes that enforcement efforts are best focused on the transaction side rather than the advertisement.


Registrar Ratings as a PDF(pdf)

Scoring factors and metrics

  1. Total Domains: Total number of domains held by registrar
  2. Reported Sites: Raw count of reported sites advertised through spam
  3. Proportion of Reported to Total: Proportion of total spam-reported to total domain count
  4. Raw Aggression: Number of spam instances advertising domains at this registrar
  5. Proportional Aggression: Proportion of total spam instances to the total domains at the registrar.
  6. Overall Score: An overall rating based on each of the above results
  7. Inaccuracy Count: Total count of inaccurate registration records
  8. Inaccuracy Rating: Proportion of inaccurate records to total domains at the registrar
  9. Trademark Factor: Volume of sites noted for featuring trademarked brands

The List

  1. Xinnet Bei Gong Da Software
    Area Building 2, Level 1, BDA Beijing 100176 China

    Total Domains: 897,962
    Reported Sites: 15,551 – 4th highest for site volume (each site is pulled from a spam email)
    Proportion of Reported to Total: 1.7% - 4th
    Raw Aggression: 1,644,986 - 1st (Total count of spam emails featuring domains at this registrar)
    Proportional Aggression: 183.19 -3rd (meaning 183 spams for each domain they hold)
    Overall Score: 3 – 1st, the “worst”
    Inaccuracy Count: 10,383 2nd for inaccuracies (in the last 12 months)
    Inaccuracy Rating: 1% (Typical inaccuracy percentage is 0.004%, anything higher than 0.5% is bad)
    Trademark Factor: 1st (This is based on site content and scoring for trademarked brands)

    Xin Net's Bottomless Bottle of Pills

    In an effort to continue highlighting concerns at specific providers we will focus on each company listed in KnujOn top 10 of the worst spam-related registrars. ICANN responded Friday to this list which included Xin Net as #1. Xin Net has been the focus of controversy and efforts at CastleCops recently and is heavily connected to Fast Flux operations as evidenced by this analysis at the Universitΰ degli Studi di Milano. Xin Net accounts for 75% of the Fast Flux traffic. The University of Milan Dipartimento di Informatica e Comunicazione has found 10,570 malicious domains at Xin Net connected to Fast Flux. KnujOn's Xin Net illicit domain count is fast approaching 30,000. Much of this traffic and spam advertises "Canadian Pharmacy" type sites as seen below:



  2. BEIJINGNN
    20/F, Block A, SP Tower, Tsinghua Science Park Building 8, No.1 Zhongguaneun East Road Haidian District, Beijing 100084 China

    Total Domains: 303,801 Reported Sites: 10,083 -8th highest for site volume
    Proportion of Reported to Total: 3.3% - 3rd
    Raw Aggression: 857,688 - 2nd
    Proportional Aggression: 282.31 - 2nd
    Overall Score: 3.75 – 2nd
    Inaccuracy Count: 6705 - 6th
    Inaccuracy Rating: 2%
    Trademark Factor: 5th


  3. Todaynic
    Rm 603-605 6B, Xihai Building No. 221 Renmin E. Road Zhuhai City, Guangdong Province 519000 China

    Total Domains: 66,314
    Reported Sites: 2,958 -13th highest for site volume
    Proportion of Reported to Total: 4.5% - 2nd
    Raw Aggression: 342,511 - 4th
    Proportional Aggression: 516.5 - 1st
    Overall Score: 5 – 3rd
    Inaccuracy Count: 2260 – 8th
    Inaccuracy Rating: 3%
    Trademark Factor: 11th


  4. Joker
    Hansaallee 191-193 40549 Duesseldorf Germany

    Total Domains: 636,431
    Reported Sites: 9051 -9th highest for site volume
    Proportion of Reported to Total: 1.42% - 7th
    Raw Aggression: 487,727 - 3rd
    Proportional Aggression: 76.63 - 4th
    Overall Score: 5.75 – 4th
    Inaccuracy Count: 7746 – 4th
    Inaccuracy Rating: 1%
    Trademark Factor: 27th


  5. eNom, Inc.
    15801 NE 24th St. Bellevue, WA 98008 USA

    Total Domains: 11,040,841
    Reported Sites: 47,007 sites - 1st
    Proportion of Reported to Total: 0.42% - 11th
    Raw Aggression: 317,677 instances or messages - 5th
    Proportional Aggression: 2.9 - 9th
    Overall Score: 6.5 – 5th
    Inaccuracy Count: 8530 – 3rd
    Inaccuracy Rating: 0.1%
    Trademark Factor: 3rd


  6. MONIKER
    20 SW 27th Ave. Suite 201 Pompano Beach, Florida 33069

    Total Domains: 2,725,240
    Reported Sites: 30628 -2nd highest for site volume
    Proportion of Reported to Total: 1.12% - 8th
    Raw Aggression: 87,071 - 9th
    Proportional Aggression: 3.19 - 8th
    Overall Score: 6.75 – 6th
    Inaccuracy Count: 11,680 – 1st
    Inaccuracy Rating: 0.4%
    Trademark Factor: 21st


  7. Dynamic Dolphin
    5023 W 120th Ave #233 Broomfield CO

    Total Domains: 45,019
    Reported Sites: 7,846 -10th highest for site volume
    Proportion of Reported to Total: 17.42% - 1st
    Raw Aggression: 23,825 - 16th
    Proportional Aggression: 52.92 - 6th
    Overall Score: 8.25 – 7th
    Inaccuracy Count: 4744 – 6th
    Inaccuracy Rating: 10%
    Trademark Factor: 22nd


  8. The Nameit Co/AITDOMAINS.COM
    421 Maiden Lane Fayetteville, N.C. 28301

    Total Domains: 155,474
    Reported Sites: 2620 -16th highest for site volume
    Proportion of Reported to Total: 1.68% - 5th
    Raw Aggression: 103,786 - 7th
    Proportional Aggression: 66.75 -5th
    Overall Score: 8.25 – 8th
    Inaccuracy Count: 1433 – 8th
    Inaccuracy Rating: 1%
    Trademark Factor: 45th 9. PDR


  9. PDR
    14525 SW Millikan #48732 Beaverton Oregon, 97005-2343

    Total Domains: 1,751,224
    Reported Sites: 13,025 - 6th highest for site volume
    Proportion of Reported to Total: 0.74% - 9th
    Raw Aggression: 45,319 – 13th
    Proportional Aggression: 2.59 - 10th
    Trademark Factor: 9.5 – 9th
    Inaccuracy Count: 6986 – 5th
    Inaccuracy Rating: 0.4%
    Trademark Factor: 20th


  10. Intercosmos/DIRECTNIC
    650 Poydras Street, Suite 1150 New Orleans, Louisiana 70130

    Total Domains: 1,125,148
    Reported Sites: 4918 -11th highest for site volume
    Proportion of Reported to Total: 0.43% - 10th
    Raw Aggression: 50678 - 12th
    Proportional Aggression: 4.504118569 - 7th
    Overall Score: 10 – 10th
    Inaccuracy Count: 868 – 12th
    Inaccuracy Rating: 0.1%
    Trademark Factor: 13th




4 Companies Control Bulk of U.S. Registrar Accreditations

If one were to look at the Internic directory it would appear that there are 529 ICANN accredited registrars in the United States. Having this many different companies would give the appearance that there is diversity and competition in the domain marketplace. However, you would be wrong. Four companies control 318 accreditations: eNom (116), Directi/PDR (47), Dotster (51), and Snapnames (104). Another 122 accreditations are owned by only 23 companies. What is left are 136 registrars that appear independent. So, that would make 163 the realistic count not 529. Considering this data the U.S. Registrar industry looks less like a an open and competitive market and more like a cartel.

Accreditations Controlled by eNom

  1. Afterdark Domains, Incorporated
  2. Alfena, LLC
  3. Arab Internet Names, Incorporated
  4. AsiaDomains, Incorporated
  5. Big House Services, Inc.
  6. Blisternet, Incorporated
  7. Central Registrar, Inc.
  8. Dagnabit, Incorporated
  9. DBMS, Incorporated
  10. Domain Rouge, Inc.
  11. Domainnovations, Incorporated
  12. DropLimited.com, Inc.
  13. DropNation.com, Inc.
  14. Dropoutlet, Incorporated
  15. Enom Corporate, Inc.
  16. Enom GMP Services, Inc.
  17. eNom World, Inc.
  18. eNom, Inc.
  19. Enom1, Inc.
  20. Enom2, Inc.
  21. Enom3, Inc.
  22. enom371, Incorporated
  23. enom373, Incorporated
  24. enom375, Incorporated
  25. enom377, Incorporated
  26. enom379, Incorporated
  27. enom381, Incorporated
  28. enom383, Incorporated
  29. enom385, Incorporated
  30. enom387, Incorporated
  31. enom389, Incorporated
  32. enom391, Incorporated
  33. enom393, Incorporated
  34. enom395, Incorporated
  35. enom397, Incorporated
  36. enom399, Incorporated
  37. Enom4, Inc.
  38. enom403, Incorporated
  39. enom405, Incorporated
  40. enom407, Incorporated
  41. enom409, Incorporated
  42. enom411, Incorporated
  43. enom413, Incorporated
  44. enom415, Incorporated
  45. enom417, Incorporated
  46. enom419, Incorporated
  47. enom421, Incorporated
  48. enom423, Incorporated
  49. enom425, Incorporated
  50. enom427, Incorporated
  51. enom429, Incorporated
  52. enom431, Incorporated
  53. enom433, Incorporated
  54. enom435, Incorporated
  55. enom437, Incorporated
  56. enom439, Incorporated
  57. enom441, Incorporated
  58. enom443, Incorporated
  59. enom445, Incorporated
  60. enom447, Incorporated
  61. enom449, Incorporated
  62. enom451, Incorporated
  63. enom453, Incorporated
  64. enom455, Incorporated
  65. enom457, Incorporated
  66. enom459, Incorporated
  67. enom461, Incorporated
  68. enom463, Incorporated
  69. enom465.com, Incorporated
  70. enom467, Incorporated
  71. enom469, Incorporated
  72. Enom5, Inc.
  73. Enoma1, Inc.
  74. EnomAte, Inc.
  75. EnomAU, Inc.
  76. eNombre Corporation
  77. EnomEU, Inc.
  78. Enomfor, Inc.
  79. EnomMX, Inc.
  80. Enomnz, Inc.
  81. eNomsky, Inc.
  82. EnomTen, Inc.
  83. EnomToo, Inc.
  84. EnomV, Inc.
  85. EnomX, Inc.
  86. Entertainment Names, Incorporated
  87. Extra Threads Corporation
  88. FastDomain Inc.
  89. Fushi Tarazu, Incorporated
  90. Gunga Galunga, Incorporated
  91. Ignitela,LLC
  92. Indirection Identity Corporation
  93. Internet Internal Affairs Corporation
  94. Kingdomains, Incorporated
  95. Mark Barker, Incorporated
  96. Mobile Name Services, Inc.
  97. Name Nelly Corporation
  98. Name Thread Corporation
  99. Nerd Names Corporation
  100. Nom Infinitum, Incorporated
  101. PocketDomain.com Inc.
  102. PostalDomains, Incorporated
  103. Private Domains, Incorporated
  104. Retail Domains, Inc.
  105. SBSNames, Incorporated
  106. Searchnresq, Inc.
  107. SicherRegister, Incorporated
  108. Sipence, Inc.
  109. Small Business Names and Certs, Incorporated
  110. Sssasss, Incorporated
  111. Threadagent.com, Inc.
  112. Traffic Names, Incorporated
  113. TravelDomains, Incorporated
  114. Vedacore.com, Inc.
  115. Whiteglove Domains, Incorporated
  116. yenkos, LLC

Accreditations Controlled by Snapnames

  1. Adomainofyourown.com LLC
  2. Allearthdomains.com LLC
  3. Allworldnames.com LLC
  4. AtlanticFriendNames.com LLC
  5. Atomicdomainnames.com LLC
  6. Baronofdomains.com LLC
  7. Beartrapdomains.com LLC
  8. Belmontdomains.com LLC
  9. Betterthanaveragedomains.com LLC
  10. Biglizarddomains.com LLC
  11. BullRunDomains.com LLC
  12. Burnsidedomains.com LLC
  13. Columbianames.com LLC
  14. Compuglobalhypermega.com LLC
  15. Deutchdomains, LLC
  16. Domainamania.com LLC
  17. Domainarmada.com LLC
  18. Domaincapitan.com LLC
  19. Domaincomesaround.com LLC
  20. Domaingazelle.com LLC
  21. Domainhawks.net LLC
  22. Domainhysteria.com LLC
  23. Domaininthebasket.com LLC
  24. Domainjungle.net LLC
  25. DomainParkBlock.com LLC
  26. Domainraker.net LLC
  27. Domainroyale.com LLC
  28. DomainSails.net LLC
  29. Domainsalsa.com LLC
  30. Domainsareforever.net LLC
  31. Domainsinthebag.com LLC
  32. Domainsofcourse.com LLC
  33. Domainsoftheday.net LLC
  34. Domainsoftheworld.net LLC
  35. Domainsofvalue.com LLC
  36. Domainsouffle.com LLC
  37. Domainsoverboard.com LLC
  38. Domainsovereigns.com LLC
  39. DomainSprouts.com LLC
  40. Domainstreetdirect.com LLC
  41. Domainsurgeon.com LLC
  42. Domaintimemachine.com LLC
  43. Domainyeti.com LLC
  44. DuckBilledDomains.com LLC
  45. EUNameFlood.com LLC
  46. EunamesOregon.com LLC
  47. EuropeanConnectiononline.com LLC
  48. EurotrashNames.com LLC
  49. EUTurbo.com LLC
  50. FindUAName.com LLC
  51. FindYouADomain.com LLC
  52. FindYouAName.com LLC
  53. Flancrestdomains.com LLC
  54. Freshbreweddomains.com LLC
  55. FrontStreetDomains.com LLC
  56. GateKeeperDomains.net LLC
  57. Godomaingo.com LLC
  58. GoServeYourDomain.com LLC
  59. Gozerdomains.com LLC
  60. Gradeadomainnames.com LLC
  61. Hawthornedomains.com LLC
  62. Heavydomains.net LLC
  63. Imminentdomains.net LLC
  64. Interlakenames.com LLC
  65. IServeYourDomain.com LLC
  66. Klaatudomains.com LLC
  67. Masterofmydomains.net LLC
  68. Microbreweddomains.com LLC
  69. Mvpdomainnames.com LLC
  70. Mypreciousdomain.com LLC
  71. Namearsenal.com LLC
  72. Namecroc.com LLC
  73. Nameemperor.com LLC
  74. Namefinger.com LLC
  75. Namepanther.com LLC
  76. Namesalacarte.com LLC
  77. Namescape.com LLC
  78. Namevolcano.com LLC
  79. NotSoFamousNames.com LLC
  80. Octopusdomains.net LLC
  81. OldTownDomains.com LLC
  82. OldWorldAliases.com LLC
  83. OregonEU.com LLC
  84. OregonURLs.com LLC
  85. PDXPrivateNames.com LLC
  86. PearlNamingService.com LLC
  87. PortlandNames.com LLC
  88. Protondomains.com LLC
  89. Rainydaydomains.com LLC
  90. Sammamishdomains.com LLC
  91. Santiamdomains.com LLC
  92. Savethename.com LLC
  93. Silverbackdomains.com LLC
  94. Sitefrenzy.com LLC
  95. Skykomishdomains.com LLC
  96. Snappyregistrar.com LLC
  97. Snoqulamiedomains.com LLC
  98. Soyouwantadomain.com LLC
  99. ThirdFloorDNS.com LLC
  100. Udamain.com LLC
  101. UdomainName.com LLC
  102. WillametteNames.com LLC
  103. YouDamain.com LLC
  104. ZigZagnames.com LLC

Accreditations Controlled by Directi/PDR

  1. Best Site Names, Inc.
  2. Big Domain Shop, Inc.
  3. Click Registrar, Inc.
  4. Colossal Names, Inc.
  5. Cool Ocean, Inc.
  6. Cotton Water, Inc.
  7. Crystal Coal, Inc.
  8. Curious Net, Inc.
  9. Domain Band, Inc.
  10. Domain Mantra, Inc.
  11. Ever Ready Names, Inc.
  12. Extend Names, Inc.
  13. Extremely Wild
  14. Fenominal, Inc.
  15. Find Good Domains, Inc.
  16. Game For Names, Inc.
  17. Genuine Names, Inc.
  18. Get Real Names, Inc.
  19. Global Names Online, Inc.
  20. Go Full House, Inc.
  21. Instinct Solutions, Inc.
  22. Jumbo Name, Inc.
  23. Key Registrar, Inc.
  24. Magic Friday, Inc.
  25. Name Perfections, Inc.
  26. Name To Fame, Inc.
  27. Names Bond, Inc.
  28. Names Real, Inc.
  29. Naming Associate, Inc.
  30. Need Servers, Inc.
  31. Net Juggler, Inc.
  32. Network Savior, Inc.
  33. Platinum Registrar, Inc.
  34. Power Carrier, Inc.
  35. Power Namers, Inc.
  36. Specific Name, Inc.
  37. Super Name World, Inc.
  38. Tech Tyrants, Inc.
  39. The Names Registration, Inc.
  40. The Registrar Service, Inc.
  41. Trade Starter, Inc.
  42. Unified Servers, Inc.
  43. Unpower, Inc.
  44. Venus Domains, Inc.
  45. Yellow Start, Inc.
  46. Your Domain King, Inc.
  47. Zone Casting, Inc.

Accreditations Controlled by Dotster

  1. 000domains, LLC
  2. 123domainrenewals, LLC
  3. 1800-website, LLC
  4. 24x7domains, LLC
  5. 995discountdomains, LLC
  6. Address Creation, LLC
  7. Addressontheweb, LLC
  8. Allaccessdomains, LLC
  9. Alldomains, LLC
  10. Allindomains, LLC
  11. Austriadomains, LLC
  12. Austriandomains, LLC
  13. Bearsdomain, LLC
  14. Bidfordomainnames, LLC
  15. Capitaldomains, LLC
  16. CAT, Inc. dba Namezero.com
  17. Chinesedomains, LLC
  18. Chocolatecovereddomains,LLC
  19. Claimeddomains, LLC
  20. Cocosislandsdomains, LLC
  21. Columbiadomains, LLC
  22. Decentdomains, LLC
  23. Department-of-domains, LLC
  24. Deschutesdomains.com LLC
  25. Diggitydot, LLC
  26. Discountdomainservices, LLC
  27. Domain Pro, LLC
  28. Domain-A-Go-Go, LLC
  29. Domainbulkregistration, LLC
  30. Domainbusinessnames, LLC
  31. Domaincamping, LLC
  32. Domainducks, Inc. dba Personalnames.com
  33. Domainhostingweb, LLC
  34. Domaininternetname, LLC
  35. Domaininthehole.com LLC
  36. Domainnamebidder, LLC
  37. Domainnamelookup, LLC
  38. Dotregistrar, LLC
  39. Dotster, Inc.
  40. DSTR Acquisition PA I, LLC dba DomainBank.com
  41. Enameco, LLC
  42. Hostlane, Inc
  43. MyDomain, Inc.
  44. Niuedomains, LLC
  45. PrivacyPost, Inc
  46. Register Names, LLC
  47. Samoandomains, LLC
  48. Signature Domains, LLC
  49. Tuvaludomains, LLC
  50. Unitedkingdomdomains, LLC
  51. Universal Registration Services, Inc. dba NewDentity.com
Privacy Policy and Mission Statement