EstDomains Active Domain List and Registrar Abuse

Estdomains Active Domain List

as of December 1st 2008 as now maintained by Directi is now available in a search able form on HostExploit.com .

The total: 272,488 active domains is provided as a community service, any research or abuse comments on these domains are welcomed to abuse(at)directi.com or estlist (at)hostexploit.com. Any of suspected illegal or child pornography content should be reported directly to IWF here

The images shown continue the review of the actions that Directi, in conjunction with HostExploit, have recently taken to track down and stop abusive domain names and registrants from abusing Directi’s services.

Registrar Abuse

• This provides for a total of 180,745 domains suspended from August 2008 and 527,000 domains with removal of domain registrant anonymity (Privacy Protect).

• Over 50,000 domain names have been suspended that were either involved in abusive activity or registered by customers/registrants exhibiting persistent patterns of abuse.

• These domain names (and/or their registrants) were involved in various types of abuse, such as rogue pharma, spamming, phishing/spoofing, malware perpetration, child pornography, financial frauds and falsified ‘Whois’ information.

• All other services utilized by any of these domain names have also been revoked.

• Of particular note is the suspension of a further 103 domains purveying child pornography the majority of which were apparently registered via Regname org and Buy-Cheap-Domain info (see notes below).

• Over the past three months, certain resellers have been identified who have been the destination of choice for bad actors; among these are Vivids Media GMBH, Klikdomains, MyNick.name, and Webst.ru. Approximately 125,000 domain names registered through these resellers have been suspended so far.


One advantage of this exercise has been the development of active communication channels between us and the community. We've been able to refresh contacts with organizations e.g. Knujon, CastleCops, Spamhaus, McAfee, and Artists Against 419, among others, sharing intelligence on abuse activity.

In scouring for more such cases however, every emphasis is made on avoiding any false positives. All domains suspended were following abuse complaints and exhaustive analysis. With this is mind and with the view on net-neutrality all actions are based upon ACM (Association of Computing Machinery) e.g. 1.2 Avoid harm to others.

An active list of directly suspended domains is available for down load from HostExploit.com.
We welcome any concerns or reports related to the abuse of Directi’s registry services forward to abuse(at)directi.com or admin(at)hostexploit.com

Child Pornography - Researchers note:

We at HostExploit encourage community awareness, investigation and exposure of cyber crime. It is important to stress in virtually all jurisdictions, US, UK, and internationally, it is against the law to download content, possess, or in some cases to attempt to visit websites containing child pornography. This can only be carried out by law enforcement or under the direct authorization of law enforcement. No actual visits have been made to any such website by researchers associated with this report or HostExploit. In determining whether a website within this category is via law enforcement or governmentally authorized child protection agencies. Any reader or researchers, who believe they have knowledge of such a website or online service, should contact your local agency. For community purpose, HostExploit has an informational area for “Reporting Cyber Crime’ and in this case for reporting ‘Illegal Content’ .

Child Pornography on the Internet, Background:

US -Since its establishment in March 1998, the CyberTipline of the US based National Center for Missing & Exploited Children (NCMEC) has received more than 628,680 reports involving the possession, manufacture, and distribution of child pornography, the online enticement of children for sex acts, child prostitution, child sex-tourism, child molestation (not in the family), unsolicited obscene material sent to a child, and misleading domain names.

UK - IWF is the UK’s internet ‘Hotline’ for the public and IT professionals to report potentially illegal online content within our remit. IWF work in partnership with the online industry, law enforcement, government, the education sector, charities, international partners and the public to minimize the availability of this content, specifically, child sexual abuse content hosted anywhere in the world and criminally obscene and incitement to racial hatred content hosted in the UK.

Worldwide - INHOPE is the International Association of Internet Hotlines and was founded in 1999 under the EC Safer Internet Action Plan http://www.europa.eu.int/iap . INHOPE represents Internet Hotlines all over the world, supporting them in their aim to respond to reports of illegal content to make the Internet safer. Click here to find out more about INHOPE