ICANN Contractual Compliance’s enforcement of DNS Abuse requirements for April 2025
DNS Abuse Complaints Received Against Registrars
Monthly Average of Complaints Received by DNS Abuse Type
One single complaint can refer to one or multiple domain names and report multiple types of DNS Abuse associated with the reported domain name(s). Therefore, the sum of the DNS Abuse types in these reports will not equal the total of individual DNS Abuse complaints received within the month, or the total of reported domain names used for DNS Abuse.
This includes all complaints received where the complainants selected one or more DNS Abuse type(s) in the Contractual Compliance webform. These do not equal the number of complaints received with validated and actionable allegations of DNS Abuse. Details about actionable complaints are in the relevant reports below.
Due to rounding, percentages may not always appear to add up to 100%.
Monthly Trend of Complaints Received by DNS Abuse Type
Monthly Detail of Complaints Received by DNS Abuse Type
| DNS Abuse Type | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RAA: Phishing | 287 | 235 | 245 | 295 | 218 | 281 | 267 | 241 | 271 | 353 | 294 | 287 | 273 |
| DNS Abuse RAA: Malware | 38 | 24 | 36 | 37 | 24 | 58 | 45 | 37 | 44 | 49 | 28 | 72 | 41 |
| DNS Abuse RAA: Botnets | 18 | 8 | 12 | 18 | 7 | 18 | 19 | 11 | 11 | 17 | 12 | 25 | 15 |
| DNS Abuse RAA: Pharming | 72 | 33 | 42 | 31 | 21 | 39 | 38 | 33 | 36 | 55 | 23 | 26 | 37 |
| DNS Abuse RAA: Spam (vector) | 99 | 78 | 89 | 91 | 74 | 109 | 87 | 86 | 94 | 92 | 77 | 95 | 89 |
| Total | 514 | 378 | 424 | 472 | 344 | 505 | 456 | 408 | 456 | 566 | 434 | 505 | 455 |
DNS Abuse RAA: Phishing
DNS Abuse RAA: Botnets
DNS Abuse RAA: Spam (vector)
DNS Abuse RAA: Malware
DNS Abuse RAA: Pharming
Number of Compliance Notifications Sent to Registrars Under DNS Abuse Requirements by DNS Abuse Type
| DNS Abuse Type | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RAA: Phishing | |||||||||||||
| 1st Inquiry/Notice | 33 | 23 | 26 | 24 | 37 | 29 | 28 | 12 | 33 | 24 | 17 | 17 | 25.3 |
| 2nd Inquiry/Notice | 7 | 5 | 6 | 4 | 4 | 5 | 3 | 4 | 4 | 5 | 5 | 1 | 4.4 |
| 3rd Inquiry/Notice | 1 | 1 | 3 | 1 | - | 1 | 1 | - | - | 1 | 3 | 1 | 1.1 |
| Escalated Notice | 1 | - | - | - | 2 | 3 | - | 1 | 1 | 1 | - | 1 | 0.8 |
| Breach Notice | - | - | - | - | 1 | - | - | - | - | 1 | - | - | 0.2 |
| Suspension Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RAA: Malware | |||||||||||||
| 1st Inquiry/Notice | 1 | - | 3 | 3 | - | 4 | 5 | 3 | 3 | 1 | - | - | 1.9 |
| 2nd Inquiry/Notice | - | - | 1 | 2 | 1 | 2 | 1 | 1 | 1 | 1 | - | - | 0.8 |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | - | - | - | 1 | - | - | - | 1 | 1 | - | - | - | 0.3 |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Suspension Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RAA: Botnets | |||||||||||||
| 1st Inquiry/Notice | - | - | 1 | 1 | 1 | 1 | - | - | 1 | - | - | - | 0.4 |
| 2nd Inquiry/Notice | - | - | 1 | - | 2 | 1 | - | - | - | - | - | - | 0.3 |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Suspension Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RAA: Pharming | |||||||||||||
| 1st Inquiry/Notice | 6 | 2 | 2 | 1 | 1 | 2 | 1 | 2 | 1 | 2 | 2 | 2 | 2.0 |
| 2nd Inquiry/Notice | 1 | - | 1 | 1 | - | 2 | - | 1 | - | 1 | 1 | - | 0.7 |
| 3rd Inquiry/Notice | - | 1 | - | - | - | - | 1 | - | - | - | - | - | 0.2 |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Suspension Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RAA: Spam (vector) | |||||||||||||
| 1st Inquiry/Notice | 3 | 7 | 4 | 7 | 5 | 8 | 5 | 2 | 3 | 1 | 1 | 1 | 3.9 |
| 2nd Inquiry/Notice | 2 | - | 1 | 1 | 2 | 1 | 1 | 2 | - | 1 | 1 | - | 1.0 |
| 3rd Inquiry/Notice | - | 1 | - | - | - | 1 | 1 | - | - | - | - | - | 0.3 |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Suspension Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
One single complaint can report multiple types of DNS Abuse associated with the reported domain name(s); therefore, the sum of the DNS Abuse types in these reports will be greater than the total of individual DNS Abuse notifications sent within the month. One single complaint can also report one or multiple domain names used for DNS Abuse.
Number of Compliance Notifications Sent to Registrars under 3.18.3 of the RAA
Complaints were submitted by Law Enforcement Agencies (LEA) or other authorities within the Registrar’s jurisdiction
| DNS Abuse Type | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Abuse Report RAA provision: under 3.18.3 RAA | |||||||||||||
| 1st Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 2nd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Suspension Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
Monthly Detail of Reasons for Resolving Cases with Registrars by DNS Abuse Type
DNS Abuse RAA: Phishing Average Closed Per Month
DNS Abuse RAA: Malware Average Closed Per Month
DNS Abuse RAA: Botnets Average Closed Per Month
DNS Abuse RAA: Pharming Average Closed Per Month
DNS Abuse RAA: Spam (vector) Average Closed Per Month
| Reasons why cases were resolved - action taken by the registrar or reasons why no action was taken | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RAA: Phishing | |||||||||||||
| The registrar suspended/deactivated the domain name. This is an appropriate mitigation action to stop the use of the domain name for DNS Abuse. | 17 | 16 | 10 | 9 | 17 | 18 | 15 | 7 | 19 | 7 | 11 | 9 | 12.9 |
| The registrar does not have actionable evidence to determine the domain name is being used for DNS Abuse. | - | 7 | 6 | 7 | 10 | 3 | 4 | 4 | 7 | 3 | 7 | 6 | 5.3 |
| The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | - | 4 | 3 | - | 6 | - | 2 | - | - | - | - | - | 1.3 |
| The registrar took appropriate mitigation action, other than suspension, to stop the use of the domain name for DNS Abuse. | - | 1 | 2 | 1 | - | 5 | 2 | - | - | - | 1 | - | 1.0 |
| The registrar suspended or deactivated the domain name. This is a reasonable response to an abuse report. | 5 | - | - | - | 1 | - | - | - | 2 | - | - | - | 0.7 |
| The registrar requested the registrant and/or reseller to act on an abusive activity. The registrant and/or reseller then took action that resulted in the abusive activity being stopped. The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | 1 | - | - | 1 | 3 | - | - | 2 | 1 | - | - | - | 0.7 |
| The registrar demonstrated having reasonably and promptly investigated and appropriately responded to an abuse report. | 4 | - | - | - | 1 | - | - | - | - | 1 | - | - | 0.5 |
| The matter has been withdrawn due to an ICANN issue. | - | - | - | - | - | - | - | - | 1 | - | 1 | - | 0.2 |
| The registrar requested the registrant and/or reseller to act on an abusive activity. This is an appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The registrar corrected its noncompliance. | - | - | - | - | - | - | 1 | - | - | - | - | - | 0.1 |
| The domain is suspended and suspension is a reasonable response to the abuse report. | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The registrar published the required abuse contact. This contact provides a confirmation receipt to any party submitting an abuse report. | - | - | - | - | - | - | 1 | - | - | - | - | - | 0.1 |
| DNS Abuse RAA: Phishing Total | 29 | 28 | 21 | 18 | 38 | 26 | 25 | 13 | 31 | 11 | 20 | 15 | 22.9 |
| DNS Abuse RAA: Malware | |||||||||||||
| The registrar suspended/deactivated the domain name. This is an appropriate mitigation action to stop the use of the domain name for DNS Abuse. | 1 | - | - | 1 | 3 | 2 | 2 | - | 2 | 3 | - | - | 1.2 |
| The registrar does not have actionable evidence to determine the domain name is being used for DNS Abuse. | - | - | 1 | - | - | - | - | - | - | 1 | 1 | - | 0.3 |
| The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | - | - | - | - | - | - | 1 | - | - | - | - | - | 0.1 |
| The registrar corrected its noncompliance. | - | - | - | - | - | - | 1 | - | - | - | - | - | 0.1 |
| The registrar requested the registrant and/or reseller to act on an abusive activity. The registrant and/or reseller then took action that resulted in the abusive activity being stopped. The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| DNS Abuse RAA: Malware Total | 2 | - | 1 | 1 | 3 | 2 | 4 | - | 2 | 4 | 1 | - | 1.7 |
| DNS Abuse RAA: Botnets | |||||||||||||
| The registrar suspended/deactivated the domain name. This is an appropriate mitigation action to stop the use of the domain name for DNS Abuse. | - | - | - | - | 2 | - | - | - | 1 | 1 | - | - | 0.3 |
| The registrar does not have actionable evidence to determine the domain name is being used for DNS Abuse. | - | - | 1 | - | - | - | - | - | - | - | - | - | 0.1 |
| The registrar requested the registrant and/or reseller to act on an abusive activity. The registrant and/or reseller then took action that resulted in the abusive activity being stopped. The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| DNS Abuse RAA: Botnets Total | 1 | - | 1 | - | 2 | - | - | - | 1 | 1 | - | - | 0.5 |
| DNS Abuse RAA: Pharming | |||||||||||||
| The registrar does not have actionable evidence to determine the domain name is being used for DNS Abuse. | - | 1 | 1 | - | - | - | 1 | 1 | 2 | - | 1 | - | 0.6 |
| The registrar suspended/deactivated the domain name. This is an appropriate mitigation action to stop the use of the domain name for DNS Abuse. | - | 1 | - | - | 1 | 1 | - | - | - | - | - | 1 | 0.3 |
| The registrar took appropriate mitigation action, other than suspension, to stop the use of the domain name for DNS Abuse. | - | - | 1 | - | - | - | - | - | - | - | - | - | 0.1 |
| The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | - | 1 | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The registrar demonstrated having reasonably and promptly investigated and appropriately responded to an abuse report. | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| DNS Abuse RAA: Pharming Total | 2 | 3 | 2 | - | 1 | 1 | 1 | 1 | 2 | - | 1 | 1 | 1.3 |
| DNS Abuse RAA: Spam (Vector) | |||||||||||||
| The registrar suspended/deactivated the domain name. This is an appropriate mitigation action to stop the use of the domain name for DNS Abuse. | 4 | 5 | - | 2 | 5 | 5 | 1 | 3 | 3 | - | - | - | 2.3 |
| The registrar does not have actionable evidence to determine the domain name is being used for DNS Abuse. | - | - | 2 | 1 | - | - | - | - | 2 | 2 | - | - | 0.6 |
| The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | - | 1 | 1 | - | - | - | 1 | - | - | - | - | - | 0.3 |
| The registrar requested the registrant and/or reseller to act on an abusive activity. The registrant and/or reseller then took action that resulted in the abusive activity being stopped. The registrar took appropriate mitigation action to disrupt the use of the domain name for DNS Abuse. | 1 | - | - | - | 2 | - | - | - | - | - | - | - | 0.3 |
| The registrar took appropriate mitigation action, other than suspension, to stop the use of the domain name for DNS Abuse. | - | - | 1 | - | - | 1 | - | - | - | - | - | - | 0.2 |
| The registrar demonstrated having reasonably and promptly investigated and appropriately responded to an abuse report. | 2 | - | - | - | - | - | - | - | - | - | - | - | 0.2 |
| DNS Abuse RAA: Spam (Vector) Total | 7 | 6 | 4 | 3 | 7 | 6 | 2 | 3 | 5 | 2 | - | - | 3.8 |
| Grand Total | 41 | 37 | 29 | 22 | 51 | 35 | 32 | 17 | 41 | 18 | 22 | 16 | 30.1 |
Monthly Detail of Reasons for Resolving Cases with Registrars by DNS Abuse Type
Complaints were submitted by Law Enforcement Agencies (LEA) or other authorities within the Registrar’s jurisdiction
| DNS Abuse Type / Resolved Code | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Abuse Report RAA provision: under 3.18.3 RAA | |||||||||||||
| - | - | - | - | - | - | - | - | - | - | - | - | - | |
| Abuse Report RAA provision: under 3.18.3 RAA Total | - | - | - | - | - | - | - | - | - | - | - | - | - |
DNS Abuse cases resolved with registrars involving maliciously registered vs. compromised domains
| MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RAA: Maliciously Registered Domain | 16 | 16 | 11 | 11 | 21 | 21 | 17 | 10 | 17 | 8 | 12 | 9 | 14 |
| DNS Abuse RAA: Compromised Domain | 1 | 5 | 4 | 2 | 6 | - | 1 | - | 2 | 1 | - | - | 2 |
| Grand Total | 17 | 21 | 15 | 13 | 27 | 21 | 18 | 10 | 19 | 9 | 12 | 9 | 16 |
Invalid or Unactionable Complaints Received Against Registrars by DNS Abuse Type
| Reason why complaint was deemed invalid | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RAA: Phishing | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 25 | 49 | 64 | 32 | 83 | 63 | 81 | 24 | 64 | 77 | 122 | 102 | 65.5 |
| The complaint is out of scope because the complainant did not provide the requested information. | 42 | 77 | 79 | 59 | 87 | 55 | 65 | 22 | 53 | 73 | 52 | 68 | 61.0 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 22 | 45 | 64 | 47 | 49 | 56 | 85 | 19 | 48 | 75 | 70 | 83 | 55.3 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 22 | 32 | 16 | 23 | 18 | 26 | 25 | 23 | 19 | 44 | 28 | 20 | 24.7 |
| The complaint is out of scope because it is a duplicate of an open complaint. | 8 | 5 | 5 | 38 | 7 | 5 | 21 | 20 | 3 | 3 | 7 | 6 | 10.7 |
| The registrar demonstrated having reasonably and promptly investigated and appropriately responded to an abuse report. | 43 | - | - | - | - | - | - | - | - | - | - | - | 3.6 |
| The complaint is out of scope because the domain is not registered. | 2 | 3 | 5 | - | 5 | 2 | 4 | 2 | 2 | 4 | 5 | 4 | 3.2 |
| The complaint is out of scope because it is a duplicate of a closed complaint. | 1 | 2 | 3 | 3 | - | - | 2 | - | 3 | 3 | 2 | 3 | 1.8 |
| The domain is suspended and suspension is a reasonable response to the abuse report. | 3 | 5 | 2 | 7 | 3 | - | - | - | - | - | 2 | - | 1.8 |
| The complaint is out of scope because it is incomplete or broad. | - | 4 | 5 | - | 1 | - | 1 | - | - | - | - | - | 0.9 |
| The complaint is out of scope because it is about a private dispute that does not implicate ICANN's contractual authority. | 1 | - | - | - | - | 2 | - | 1 | - | 1 | - | - | 0.4 |
| The complaint is out of scope because it is not about an ICANN contracted party. | - | 1 | 1 | - | - | - | - | - | 3 | - | - | - | 0.4 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | 1 | - | - | - | 1 | 2 | - | - | - | - | - | 0.3 |
| The required abuse contact is displayed on the contracted party’s website and/or other designated place. | - | 1 | - | - | - | - | - | - | 1 | 1 | - | - | 0.3 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | 1 | 1 | - | - | - | - | 1 | - | - | - | 0.3 |
| The registrar suspended or deactivated the domain name. This is a reasonable response to an abuse report. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| DNS Abuse RAA: Phishing Total | 169 | 225 | 245 | 210 | 253 | 210 | 286 | 111 | 198 | 281 | 288 | 286 | 230.2 |
| DNS Abuse RAA: Malware | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 3 | 13 | 14 | 7 | 21 | 11 | 27 | 7 | 23 | 13 | 17 | 26 | 15.2 |
| The complaint is out of scope because the complainant did not provide the requested information. | 6 | 9 | 5 | 5 | 13 | 9 | 8 | 3 | 7 | 8 | 8 | 9 | 7.5 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 3 | 7 | 4 | 3 | 3 | 5 | 12 | 5 | 8 | 5 | 5 | 9 | 5.8 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 2 | 4 | 3 | 2 | 2 | 6 | 6 | 1 | 3 | 4 | 6 | 5 | 3.7 |
| The complaint is out of scope because it is a duplicate of an open complaint. | - | - | 1 | - | - | - | 2 | - | - | 1 | 4 | 1 | 0.8 |
| The domain is suspended and suspension is a reasonable response to the abuse report. | 1 | 1 | - | 1 | 2 | - | - | - | - | - | 2 | - | 0.6 |
| The registrar demonstrated having reasonably and promptly investigated and appropriately responded to an abuse report. | 5 | - | - | - | - | - | - | - | - | - | - | - | 0.4 |
| The complaint is out of scope because it is incomplete or broad. | - | 2 | - | - | - | - | 2 | - | - | - | - | - | 0.3 |
| The complaint is out of scope because the domain is not registered. | - | - | - | - | - | - | - | - | 1 | - | 2 | - | 0.3 |
| The complaint is out of scope because it is a duplicate of a closed complaint. | - | - | - | - | - | - | 2 | - | - | - | - | - | 0.2 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | 1 | - | - | - | 1 | - | - | - | - | - | - | 0.2 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | - | 1 | - | - | - | - | 1 | - | - | - | 0.2 |
| The complaint is out of scope because it is about a private dispute that does not implicate ICANN's contractual authority. | - | - | - | - | - | - | - | 1 | - | 1 | - | - | 0.2 |
| DNS Abuse RAA: Malware Total | 20 | 37 | 27 | 19 | 41 | 32 | 59 | 17 | 43 | 32 | 44 | 50 | 35.1 |
| DNS Abuse RAA: Botnets | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 2 | 9 | 3 | 4 | 10 | 5 | 9 | 2 | 10 | 3 | 7 | 13 | 6.4 |
| The complaint is out of scope because the complainant did not provide the requested information. | 4 | 1 | 3 | - | 4 | 3 | 2 | 2 | 1 | 2 | 2 | 4 | 2.3 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | - | 1 | 3 | 1 | - | 3 | 4 | 1 | - | 1 | - | 1 | 1.3 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 1 | - | 1 | 1 | 2 | 1 | 2 | 1 | 1 | 1 | 1 | 1 | 1.1 |
| The domain is suspended and suspension is a reasonable response to the abuse report. | - | 1 | - | - | 1 | - | - | - | - | - | 1 | - | 0.3 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | - | 1 | - | - | - | - | 1 | - | - | 1 | 0.3 |
| The complaint is out of scope because it is about a private dispute that does not implicate ICANN's contractual authority. | - | - | - | - | - | 1 | - | 1 | - | 1 | - | - | 0.3 |
| The complaint is out of scope because it is incomplete or broad. | - | 1 | - | - | - | - | 1 | - | - | - | - | - | 0.2 |
| The complaint is out of scope because it is a duplicate of a closed complaint. | - | - | - | - | - | - | 1 | - | 1 | - | - | - | 0.2 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | - | - | - | - | - | 1 | - | - | - | - | - | 0.1 |
| The complaint is out of scope because it is a duplicate of an open complaint. | - | - | 1 | - | - | - | - | - | - | - | - | - | 0.1 |
| DNS Abuse RAA: Botnets Total | 7 | 13 | 11 | 7 | 17 | 13 | 20 | 7 | 14 | 8 | 11 | 20 | 12.3 |
| DNS Abuse RAA: Pharming | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 4 | 17 | 11 | 13 | 16 | 9 | 21 | 3 | 15 | 15 | 15 | 12 | 12.6 |
| The complaint is out of scope because the complainant did not provide the requested information. | 6 | 16 | 12 | 9 | 14 | 7 | 5 | 4 | 9 | 7 | 10 | 9 | 9.0 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 1 | 5 | 12 | 3 | 3 | 7 | 7 | 2 | 6 | 5 | 4 | 6 | 5.1 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 9 | 5 | 3 | 4 | 2 | 4 | 2 | 4 | 2 | 3 | 3 | 1 | 3.5 |
| The complaint is out of scope because it is a duplicate of an open complaint. | - | 4 | 1 | - | - | - | - | 1 | - | 1 | 5 | - | 1.0 |
| The domain is suspended and suspension is a reasonable response to the abuse report. | 1 | 4 | - | 1 | 1 | - | - | - | - | - | 2 | - | 0.8 |
| The complaint is out of scope because the domain is not registered. | 3 | 2 | - | - | - | - | - | - | - | - | 1 | 2 | 0.7 |
| The complaint is out of scope because it is incomplete or broad. | - | 2 | 1 | - | - | 1 | 1 | - | - | - | - | - | 0.4 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | - | 1 | - | - | - | - | 1 | 1 | - | - | 0.3 |
| The complaint is out of scope because it is a duplicate of a closed complaint. | - | 1 | - | - | - | - | 2 | - | - | - | - | - | 0.3 |
| The complaint is out of scope because it is about a private dispute that does not implicate ICANN's contractual authority. | - | - | - | - | - | 1 | - | 1 | - | - | - | - | 0.2 |
| The required abuse contact is displayed on the contracted party’s website and/or other designated place. | - | - | - | - | - | - | 1 | - | 1 | - | - | - | 0.2 |
| The complaint is out of scope because it is not about an ICANN contracted party. | - | - | 1 | - | - | - | - | - | - | - | - | - | 0.1 |
| DNS Abuse RAA: Pharming Total | 24 | 56 | 41 | 31 | 36 | 29 | 39 | 15 | 34 | 32 | 40 | 30 | 33.9 |
| DNS Abuse RAA: Spam (Vector) | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 12 | 27 | 31 | 11 | 43 | 30 | 53 | 15 | 37 | 27 | 37 | 51 | 31.2 |
| The complaint is out of scope because the complainant did not provide the requested information. | 20 | 23 | 20 | 19 | 24 | 18 | 14 | 6 | 20 | 21 | 15 | 17 | 18.1 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 7 | 12 | 23 | 11 | 14 | 13 | 22 | 7 | 18 | 18 | 14 | 12 | 14.3 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 7 | 10 | 5 | 10 | 11 | 5 | 9 | 7 | 10 | 11 | 9 | 12 | 8.8 |
| The registrar demonstrated having reasonably and promptly investigated and appropriately responded to an abuse report. | 47 | - | - | - | - | - | - | - | - | - | - | - | 3.9 |
| The complaint is out of scope because it is a duplicate of an open complaint. | 3 | 2 | 1 | 2 | 1 | 2 | 3 | - | 1 | 2 | 1 | 1 | 1.6 |
| The complaint is out of scope because it is a duplicate of a closed complaint. | 2 | 1 | 1 | 1 | - | 1 | 10 | 1 | 1 | - | - | - | 1.5 |
| The complaint is out of scope because the domain is not registered. | 2 | 1 | - | - | - | 2 | 2 | 1 | 1 | 3 | 3 | 2 | 1.4 |
| The domain is suspended and suspension is a reasonable response to the abuse report. | - | 1 | - | 2 | 3 | - | - | - | - | - | 2 | - | 0.7 |
| The complaint is out of scope because it is incomplete or broad. | - | 2 | 1 | - | 1 | 1 | 1 | - | - | - | 1 | 1 | 0.7 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | 1 | - | - | - | 1 | - | 1 | 1 | - | - | - | 0.3 |
| The complaint is out of scope because it is about a private dispute that does not implicate ICANN's contractual authority. | 1 | - | - | - | - | 1 | - | 1 | - | 1 | - | - | 0.3 |
| The complaint is out of scope because it is not about an ICANN contracted party. | - | 1 | 1 | - | - | - | - | - | - | - | - | - | 0.2 |
| The complaint will not be addressed because it contains offensive and/or abusive language. | - | - | - | - | - | - | 1 | - | - | - | - | - | 0.1 |
| The required abuse contact is displayed on the contracted party’s website and/or other designated place. | - | 1 | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | 1 | - | - | - | - | - | - | - | - | - | - | 0.1 |
| DNS Abuse RAA: Spam (Vector) Total | 101 | 83 | 83 | 56 | 97 | 74 | 115 | 39 | 89 | 83 | 82 | 96 | 83.2 |
| Grand Total | 321 | 414 | 407 | 323 | 444 | 358 | 519 | 189 | 378 | 436 | 465 | 482 | 394.7 |
One single complaint can report multiple types of DNS Abuse associated with the reported domain name(s); therefore, the sum of the DNS Abuse types in these reports will be greater than the total of individual unactionable DNS Abuse complaints closed within the month.
DNS Abuse Complaints Received Against Registry Operators
Monthly Average of Complaints Received by DNS Abuse Type
One single complaint can refer to one or multiple domain names and report multiple types of DNS Abuse associated with the reported domain name(s). Therefore, the sum of the DNS Abuse types in these reports will not equal the total of individual DNS Abuse complaints received within the month, or the total of reported domain names used for DNS Abuse.
This includes all complaints received where the complainants selected one or more DNS Abuse type(s) in the Contractual Compliance webform. These do not equal the number of complaints received with validated and actionable allegations of DNS Abuse. Details about actionable complaints are in the relevant reports below.
Due to rounding, percentages may not always appear to add up to 100%.
Monthly Trend of Complaints Received by DNS Abuse Type
Monthly Detail of Complaints Received by DNS Abuse Type
| DNS Abuse Type | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RA: Phishing | 17 | 13 | 17 | 15 | 15 | 24 | 15 | 21 | 28 | 51 | 42 | 27 | 24 |
| DNS Abuse RA: Malware | 8 | 2 | 8 | 7 | 7 | 11 | 4 | 12 | 11 | 10 | 13 | 10 | 9 |
| DNS Abuse RA: Botnets | 3 | - | 2 | 1 | 6 | 4 | 1 | 5 | 7 | 4 | 3 | 4 | 3 |
| DNS Abuse RA: Pharming | 4 | 2 | 4 | 2 | 5 | 8 | 3 | 8 | 9 | 6 | 8 | 9 | 6 |
| DNS Abuse RA: Spam (vector) | 19 | 13 | 11 | 10 | 9 | 15 | 8 | 13 | 16 | 16 | 19 | 14 | 14 |
| Total | 51 | 30 | 42 | 35 | 42 | 62 | 31 | 59 | 71 | 87 | 85 | 64 | 55 |
DNS Abuse RA: Phishing
DNS Abuse RA: Botnets
DNS Abuse RA: Spam (vector)
DNS Abuse RA: Malware
DNS Abuse RA: Pharming
Number of Compliance Notifications Sent to Registry Operators Under DNS Abuse Requirements by DNS Abuse Type
| DNS Abuse Type | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RA: Phishing | |||||||||||||
| 1st Inquiry/Notice | - | - | 2 | - | 1 | - | - | - | - | 2 | - | 2 | 0.6 |
| 2nd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | 1 | 0.1 |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| Breach Notice | - | - | 1 | - | - | - | - | - | - | - | - | - | 0.1 |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RA: Malware | |||||||||||||
| 1st Inquiry/Notice | - | - | - | - | 2 | 1 | - | 1 | - | - | - | - | 0.3 |
| 2nd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RA: Botnets | |||||||||||||
| 1st Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 2nd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RA: Pharming | |||||||||||||
| 1st Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 2nd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RA: Spam (vector) | |||||||||||||
| 1st Inquiry/Notice | - | - | - | - | - | - | - | - | - | 1 | - | - | 0.1 |
| 2nd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| 3rd Inquiry/Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Escalated Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Breach Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Termination Notice | - | - | - | - | - | - | - | - | - | - | - | - | - |
One single complaint can report multiple types of DNS Abuse associated with the reported domain name(s); therefore, the sum of the DNS Abuse types in these reports will be greater than the total of individual DNS Abuse notifications sent within the month. One single complaint can also report one or multiple domain names used for DNS Abuse.
Monthly Detail of Reasons for Resolving Cases with Registry Operators by DNS Abuse Type
DNS Abuse RA: Phishing Average Closed Per Month
DNS Abuse RA: Malware Average Closed Per Month
DNS Abuse RA: Botnets Average Closed Per Month
DNS Abuse RA: Pharming Average Closed Per Month
DNS Abuse RA: Spam (vector) Average Closed Per Month
| Reasons why cases were resolved - action taken by the registry or reasons why no action was taken | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RA: Phishing | |||||||||||||
| The registry suspended/deactivated the domain name. This is an appropriate mitigation action to contribute to stopping the use of the domain name for DNS Abuse. | - | - | 1 | 1 | 1 | - | - | - | - | - | - | - | 0.3 |
| DNS Abuse RA: Phishing Total | - | - | 1 | 1 | 1 | - | - | - | - | - | - | - | 0.3 |
| DNS Abuse RA: Malware | |||||||||||||
| The registry suspended/deactivated the domain name. This is an appropriate mitigation action to contribute to stopping the use of the domain name for DNS Abuse. | - | - | - | 1 | 1 | 1 | - | - | - | 1 | - | - | 0.3 |
| DNS Abuse RA: Malware Total | - | - | - | 1 | 1 | 1 | - | - | - | 1 | - | - | 0.3 |
| DNS Abuse RA: Botnets | |||||||||||||
| - | - | - | - | - | - | - | - | - | - | - | - | - | |
| DNS Abuse RA: Botnets Total | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RA: Pharming | |||||||||||||
| - | - | - | - | - | - | - | - | - | - | - | - | - | |
| DNS Abuse RA: Pharming Total | - | - | - | - | - | - | - | - | - | - | - | - | - |
| DNS Abuse RA: Spam (Vector) | |||||||||||||
| The registry published the required abuse contact. This contact provides a confirmation receipt to any party submitting an abuse report. | - | - | - | - | - | - | - | - | - | 1 | - | - | 0.1 |
| DNS Abuse RA: Spam (Vector) Total | - | - | - | - | - | - | - | - | - | 1 | - | - | 0.1 |
| Grand Total | - | - | 1 | 2 | 2 | 1 | - | - | - | 2 | - | - | 0.7 |
DNS Abuse cases resolved with registry operators involving maliciously registered vs. compromised domains
| MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RAA: Maliciously Registered Domain | - | - | 1 | 1 | 1 | 1 | - | - | - | 2 | - | - | 0.5 |
| DNS Abuse RAA: Compromised Domain | - | - | - | - | - | - | - | - | - | - | - | - | - |
| Grand Total | - | - | 1 | 1 | 1 | 1 | - | - | - | 2 | - | - | 0.5 |
Invalid or Unactionable Complaints Received Against Registry Operators by DNS Abuse Type
| Reason why complaint was deemed invalid | MAY 2024 | JUN 2024 | JUL 2024 | AUG 2024 | SEP 2024 | OCT 2024 | NOV 2024 | DEC 2024 | JAN 2025 | FEB 2025 | MAR 2025 | APR 2025 | Average |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| DNS Abuse RA: Phishing | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 10 | 6 | 11 | 12 | 8 | 18 | 9 | 10 | 22 | 29 | 26 | 14 | 14.6 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 4 | 1 | 3 | - | 1 | 6 | 2 | 3 | 2 | 4 | 7 | 2 | 2.9 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 1 | - | 2 | 2 | 1 | 3 | - | 3 | 6 | 4 | 2 | 5 | 2.4 |
| The complaint is out of scope because it is a duplicate of an open complaint. | - | - | - | - | 1 | - | - | 1 | - | 7 | - | 2 | 0.9 |
| The complaint is out of scope because the complainant did not provide the requested information. | - | 1 | - | - | 1 | 1 | - | 1 | - | 1 | 3 | - | 0.7 |
| The registry operator is not the best-equipped party to review and take appropriate, proportionate, mitigation action in the particular case. | - | - | 1 | - | - | - | - | - | - | 2 | - | 2 | 0.4 |
| The complaint is out of scope because it is incomplete or broad. | - | 1 | 1 | - | - | - | 1 | - | - | - | - | - | 0.3 |
| The complaint is out of scope because the domain is not registered. | - | - | 1 | - | - | - | - | - | - | - | - | 1 | 0.2 |
| The reported activity is not DNS Abuse (phishing, pharming, botnets, malware or spam as a delivery mechanism for the other four types of DNS Abuse.) Therefore, DNS Abuse requirements are not applicable. | - | - | - | - | - | - | - | 1 | - | - | - | - | 0.1 |
| The reported TLD does not have Specification 6 in its registry agreement; therefore, DNS Abuse requirements are not applicable. | 1 | - | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| The complaint is out of scope because it is about a private dispute that does not implicate ICANN's contractual authority. | - | - | - | - | - | - | - | 1 | - | - | - | - | 0.1 |
| DNS Abuse RA: Phishing Total | 16 | 9 | 19 | 14 | 12 | 28 | 12 | 20 | 31 | 47 | 38 | 26 | 22.7 |
| DNS Abuse RA: Malware | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 7 | - | 5 | 3 | 4 | 9 | 2 | 5 | 10 | 7 | 9 | 7 | 5.7 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 1 | - | 1 | 1 | - | 1 | - | 2 | 2 | 1 | 1 | 3 | 1.1 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 1 | - | 2 | - | - | - | - | - | - | - | 2 | - | 0.4 |
| The complaint is out of scope because it is a duplicate of an open complaint. | - | - | - | - | 1 | 1 | 1 | - | - | - | - | - | 0.3 |
| The complaint is out of scope because it is a duplicate of a closed complaint. | - | - | - | - | - | - | 1 | - | - | 1 | - | - | 0.2 |
| The complaint is out of scope because the complainant did not provide the requested information. | - | - | - | - | - | - | - | 1 | - | 1 | - | - | 0.2 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| The reported activity is not DNS Abuse (phishing, pharming, botnets, malware or spam as a delivery mechanism for the other four types of DNS Abuse.) Therefore, DNS Abuse requirements are not applicable. | - | - | - | - | - | - | - | 1 | - | - | - | - | 0.1 |
| The registry suspended/deactivated the domain name. This is an appropriate mitigation action to contribute to stopping the use of the domain name for DNS Abuse. | - | - | - | - | - | 1 | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because the domain is not registered. | - | - | - | - | - | - | - | - | - | - | - | 1 | 0.1 |
| The reported TLD does not have Specification 6 in its registry agreement; therefore, DNS Abuse requirements are not applicable. | - | 1 | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | - | 1 | - | - | - | - | - | - | - | - | 0.1 |
| The registry operator is not the best-equipped party to review and take appropriate, proportionate, mitigation action in the particular case. | - | - | - | 1 | - | - | - | - | - | - | - | - | 0.1 |
| DNS Abuse RA: Malware Total | 9 | 1 | 8 | 6 | 5 | 12 | 4 | 9 | 13 | 10 | 12 | 11 | 8.3 |
| DNS Abuse RA: Botnets | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 2 | - | 1 | 1 | 5 | 3 | - | 3 | 6 | 3 | 2 | 4 | 2.5 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 1 | - | 1 | - | - | - | - | - | - | - | - | - | 0.2 |
| The complaint is out of scope because the complainant did not provide the requested information. | - | - | - | - | - | - | - | - | - | 1 | - | - | 0.1 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | - | - | - | - | - | 1 | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| The complaint is out of scope because the domain is not registered. | - | - | - | - | - | - | - | - | - | - | - | 1 | 0.1 |
| The complaint is out of scope because it is a duplicate of a closed complaint. | - | - | - | - | - | - | 1 | - | - | - | - | - | 0.1 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | - | - | - | 1 | - | - | - | - | - | - | 0.1 |
| The reported activity is not DNS Abuse (phishing, pharming, botnets, malware or spam as a delivery mechanism for the other four types of DNS Abuse.) Therefore, DNS Abuse requirements are not applicable. | - | - | - | - | - | - | - | 1 | - | - | - | - | 0.1 |
| The complaint is out of scope because it is incomplete or broad. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| DNS Abuse RA: Botnets Total | 3 | - | 2 | 1 | 5 | 5 | 1 | 4 | 8 | 4 | 2 | 5 | 3.3 |
| DNS Abuse RA: Pharming | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 4 | 2 | 2 | 1 | 3 | 7 | 2 | 3 | 8 | 6 | 7 | 5 | 4.2 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | - | - | - | - | - | 1 | - | 1 | 1 | - | - | 1 | 0.3 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | - | - | 1 | - | - | - | - | 1 | 1 | - | - | 1 | 0.3 |
| The registry operator is not the best-equipped party to review and take appropriate, proportionate, mitigation action in the particular case. | - | - | - | - | - | - | - | - | - | - | - | 2 | 0.2 |
| The complaint is out of scope because the domain is not registered. | - | - | 1 | - | - | - | - | - | - | - | - | 1 | 0.2 |
| The complaint is out of scope because it is a duplicate of an open complaint. | - | - | - | - | 1 | - | 1 | - | - | - | - | - | 0.2 |
| The complaint is out of scope because the complainant did not provide the requested information. | 1 | - | - | - | 1 | - | - | - | - | - | - | - | 0.2 |
| The reported activity is not DNS Abuse (phishing, pharming, botnets, malware or spam as a delivery mechanism for the other four types of DNS Abuse.) Therefore, DNS Abuse requirements are not applicable. | - | - | - | - | - | - | - | 1 | - | - | - | - | 0.1 |
| The complaint is out of scope because it is incomplete or broad. | - | - | 1 | - | - | - | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | - | - | - | 1 | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| DNS Abuse RA: Pharming Total | 5 | 2 | 5 | 1 | 5 | 9 | 3 | 6 | 11 | 6 | 7 | 10 | 5.8 |
| DNS Abuse RA: Spam (Vector) | |||||||||||||
| The complaint is invalid or not actionable because there is no evidence of an abuse report filed with a registrar or registry. | 15 | 8 | 9 | 6 | 4 | 12 | 7 | 6 | 13 | 10 | 10 | 10 | 9.2 |
| The complaint is out of scope because it is regarding a country-code top-level domain. | 1 | 1 | 2 | 2 | - | 2 | 1 | 3 | 1 | 1 | 6 | - | 1.7 |
| The domain name is suspended or disabled and suspension is a mitigation action to stop DNS Abuse. | 1 | - | 2 | 1 | - | 2 | - | 1 | 3 | 2 | 1 | 4 | 1.4 |
| The complaint is out of scope because customer service issues are outside of ICANN's contractual authority. | - | - | - | 1 | - | 2 | - | - | - | - | - | - | 0.3 |
| The complaint is out of scope because the complainant did not provide the requested information. | - | - | - | - | - | 1 | - | - | - | 1 | - | - | 0.2 |
| The complaint is out of scope because it is incomplete or broad. | - | 1 | - | - | - | - | - | - | - | - | - | - | 0.1 |
| The reported activity is not DNS Abuse (phishing, pharming, botnets, malware or spam as a delivery mechanism for the other four types of DNS Abuse.) Therefore, DNS Abuse requirements are not applicable. | - | - | - | - | - | - | - | 1 | - | - | - | - | 0.1 |
| The registry operator is not the best-equipped party to review and take appropriate, proportionate, mitigation action in the particular case. | - | - | - | - | - | - | - | - | - | 1 | - | - | 0.1 |
| The complaint is out of scope because ICANN does not process complaints regarding website content. | - | - | - | - | - | - | - | - | 1 | - | - | - | 0.1 |
| The complaint is out of scope because it is a duplicate of an open complaint. | - | - | - | - | 1 | - | - | - | - | - | - | - | 0.1 |
| The complaint is out of scope because the domain is not registered. | - | - | - | - | - | - | - | - | - | - | - | 1 | 0.1 |
| DNS Abuse RA: Spam (Vector) Total | 17 | 10 | 13 | 10 | 5 | 19 | 8 | 11 | 18 | 15 | 17 | 15 | 13.2 |
| Grand Total | 50 | 22 | 47 | 32 | 32 | 73 | 28 | 50 | 81 | 82 | 76 | 67 | 53.3 |
One single complaint can report multiple types of DNS Abuse associated with the reported domain name(s); therefore, the sum of the DNS Abuse types in these reports will be greater than the total of individual unactionable DNS Abuse complaints closed within the month.