A recent Domain Incite post reports that “ICANN said that it has been working with .TOP for months to put in systems aimed at reducing the abuse of .top domains” and that ICANN Compliance “acknowledged that the remedial measures were sufficient to cure the Notice of Breach.”
I commented to Domain Incite’s Kevin Murphy on LinkedIn that “A good show of faith would be for .TOP to provide Registration Data Directory Service without the excessive rate limiting so researchers, responders and investigators can determine the domain registrar at least at the same rate that they are registering domains that are quickly blocklisted.”
A further show of good faith would be to have ICANN specifically monitor RDDS to "independently" assess .TOP's rate limiting practice to determine whether it meets the spirit and intent of the registry agreement.
We query RDDS for gTLD and ccTLD registries which have had domains reported for phishing, spam, or malware. This involves thousands of queries daily. We and other responders or researchers do so to obtain registrar ID and name, which tells us whom to speak with for a takedown, suspension, or additional information.
We try to be responsible actors and do not abuse these services. We don’t hammer at them at excessive rates, and we haven’t hosted RDDS bots across multiple IP networks to circumvent rate limiting.
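The registrar lookup described above, sketched as an added example (this is not the author's tooling): it pulls the registrar name and IANA ID out of an RDAP domain response and tallies lookups by outcome, counting HTTP 429 rate-limit responses separately. The sample response, domain name and registrar values are constructed placeholders, and the function names are hypothetical; the field layout follows RFC 9083.

```python
import json
from collections import Counter

# Constructed RDAP domain response (RFC 9083 layout); every value is a placeholder.
SAMPLE_RDAP = json.dumps({
    "objectClassName": "domain",
    "ldhName": "reported-domain.example",
    "entities": [{
        "objectClassName": "entity",
        "roles": ["registrar"],
        "publicIds": [{"type": "IANA Registrar ID", "identifier": "9999"}],
        "vcardArray": ["vcard", [
            ["version", {}, "text", "4.0"],
            ["fn", {}, "text", "Example Registrar Ltd."],
        ]],
    }],
})

def extract_registrar(rdap_body):
    """Return (name, iana_id) for the registrar entity, or None if there is none."""
    doc = json.loads(rdap_body)
    for entity in doc.get("entities", []):
        if "registrar" not in entity.get("roles", []):
            continue
        vcard = entity.get("vcardArray", [])
        props = vcard[1] if len(vcard) > 1 else []
        # jCard properties are [name, params, type, value]; "fn" is the display name.
        name = next((p[3] for p in props if p[0] == "fn"), None)
        iana_id = next((p["identifier"] for p in entity.get("publicIds", [])
                        if p.get("type") == "IANA Registrar ID"), None)
        return name, iana_id
    return None

def classify(status, body):
    """Map one lookup to an outcome a responder can act on or report."""
    if status == 429:            # RDAP servers signal rate limiting with HTTP 429
        return "rate_limited"
    if status == 404:
        return "not_found"
    if status == 200 and extract_registrar(body):
        return "resolved"
    return "error"

def tally(results):
    """results: iterable of (http_status, body) pairs -> Counter of outcomes."""
    return Counter(classify(status, body) for status, body in results)
```

Keeping the `rate_limited` count per TLD is what lets a responder state, with numbers, how many lookups a registry's RDDS refused at a given query volume.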
.TOP is a singular outlier among registries. The volume of phishing and spam domains reported in the .TOP TLD is very high and their RDDS access policy is prohibitively restrictive. Consider the number of .TOP domains we queried for which we were unable to get registration data via RDDS in May 2025 for domains reported for phishing:
Of the 50,375 phishing domains reported in all gTLDs, 30,331 (60%) were in .TOP.
Of the 454,451 spam domains reported in all gTLDs, 322,809 (71%) were in .TOP.
If ICANN is monitoring RDDS service levels, we ask that they subject .TOP’s RDDS to the same volume as above to determine whether the service level we see is considered contractually compliant. Our experience: all of the gTLD registries other than .TOP provide us with adequately responsive Whois/RDAP services at similar volumes.
.TOP promises to play nice on DNS Abuse, https://domainincite.com/31106-top-promises-to-play-nice-on-dns-abuse
ICANN Service Level Monitoring System (SLAM), https://www.icann.org/en/system/files/files/presentation-slam-13may17-en.pdf