Dissecting the Domains Under the Most-Abused TLDs | WhoisXML API

White Papers

DNS Abuse Trends: Dissecting the Domains Under the Most-Abused TLDs

As DNS abuse and cybercrime remain two sides of the same coin, WhoisXML API researchers decided to build on Spamhaus’s list of TLDs with the worst reputation for spamming.1

Using our WHOIS and DNS intelligence, we retrieved and analyzed thousands of domains under these TLDs that were added in Q4 2022. Our key findings revealed that:

  • About 64% of the domains had redacted WHOIS records, making threat attribution challenging if they figure in malicious campaigns.
  • The top registrars administering the domains were Alibaba Cloud Computing Limited and NameSilo.
  • The leading ISP of the resolving domains was Cloudflare.
  • The domain registrations and IP resolutions could mostly be traced to the U.S. and China.
  • Several domains flagged as malicious continued to host live content.

Download the white paper now to learn more, or contact us to access the complete set of research materials.

[1] https://www.spamhaus.org/statistics/tlds/ 

Try our WhoisXML API for free
Get started