.ORG Anti-Abuse Metrics
PIR offers this .ORG transparency reporting in line with our Anti-Abuse Principles. We work hard to ensure that .ORG remains the most trusted gTLD in the industry. Check out our metrics and you’ll see how we compare with other TLDs. The charts below are dynamic and updated regularly.
4,218
DOMAINS REPORTED
3,114
# OF SUSPENSIONS
0.027%
% OF DUM
11,548,674
TOTAL DUM COUNT
Year-to-Date DNS Abuse
This DNS Abuse Metrics chart includes YTD statistics for .ORG.
ABUSE TYPE | Cases / Reports | Suspension / Serverhold | Suspension / Clienthold | TOTAL SUSPENSIONS |
PHISHING | 4,111 | 1,890 | 742 | 2,632 |
MALWARE | 710 | 45 | 134 | 179 |
BOTNET | 213 | 27 | 88 | 115 |
SPAM | 15 | 5 | 4 | 9 |
OTHER | 195 | 121 | 58 | 179 |
TOTAL | 5,244 | 2,088 | 1,026 | 3,114 |
Note: Many domains flagged for abuse are “compromised cases,” where domains are initially registered for non-abusive purposes but are put to abusive purposes without its registrant’s consent. Suspension at the registry level is not the appropriate action to address compromised domains. Instead, the registrar or host should work to get control of the domain back into the registrant’s hands. Additionally, sometimes domains are flagged as abusive by Reputation Block Lists (RBLs) and then de-listed for a variety of reasons.
Suspensions for Limited Categories of Content Abuse
PIR’s Anti-Abuse Policy focuses on DNS Abuse. However, consistent with our Policy and the Framework to Address Abuse, there are certain categories of Website Content Abuse that are so egregious that we take action. We are proud to work with a handful of trust notified notifiers to help address specific and limited instances of Website Content Abuse.
The Internet Watch Foundation (IWF) The IWF provides verified reports of URLs that have been confirmed as being used to access Child Sexual Abuse Material (CSAM). | ||||
ABUSE TYPE | Cases / Reports | Suspension / Serverhold | Suspension / Clienthold | TOTAL SUSPENSIONS |
CSAM | 389 | 14 | 52 | 66 |
| ||||
The American Red Cross Suspensions | 10 | |||
Trusted Notifiers: PIR’s Anti-Abuse Policy focuses on DNS Abuse. However, consistent with our Policy and the Framework to Address Abuse, there are certain categories of Website Content Abuse that are so egregious that we take action. We are proud to work with a handful of trust notified notifiers to help address specific and limited instances of Website Content Abuse.
Action Timeline
This timeline measures from detection to takedown/remediation. The first 72 hours are critical in that significant harms from DNS Abuse are most likely to occur within this timeframe.
ACTION TIMELINE | Cases / Reports | Suspension / Serverhold | Suspension / Clienthold | TOTAL SUSPENSIONS |
0 – 24 Hours | 757 | 532 | 144 | 676 |
24 – 48 Hours | 313 | 243 | 61 | 304 |
48 – 72 Hours | 260 | 204 | 43 | 247 |