Our first year of enforcement of the Domain Name System (DNS) Abuse mitigation requirements led to the mitigation of nearly 10,000 abusive domain names and the issuance of three Notices of Breach, including the one issued to .TOP Registry. Multiple investigations also led to registrars and generic top-level domain (gTLD) registry operators (Contracted Parties) implementing remediation plans to address the root causes of non-compliance before reaching the Notice of Breach stage.
Over several months, ICANN Contractual Compliance (ICANN Compliance) worked with .TOP to address its violations, granting extensions to the cure date to allow for the implementation of new processes and systems to facilitate monitoring and acting on DNS Abuse. ICANN tested .TOP Registry's new processes by submitting abuse reports, monitoring results, reviewing internal performance reviews provided by the Registry Operator, and additional data points related to DNS Abuse and .top.
On 2 June 2025, .TOP Registry cured the Notice of Breach based on remedial actions it took, including:
- Implementing a system for the receipt of abuse reports that is monitored by dedicated staff who must address these reports within specific timeframes. The process requires .TOP Registry to regularly audit its handling of abuse reports for the purposes of identifying needed improvements and enhancements of its procedures. According to .top, the new system has already allowed it to mitigate over 100,000 abusive domain names identified in third-party abuse reports.
- Developing a proactive monitoring system to detect the use of .top domain names for DNS Abuse. Since this system was implemented, .TOP Registry reported having processed over 200,000 cases.
- Strengthening its collaboration with registrars to identify and act on .top domain names used for DNS Abuse.
- Implementing a system to monitor, address, and regularly audit its handling of requests related to the Uniform Rapid Suspension System, which was also subject to the Notice of Breach.
.TOP Registry expressed its commitment to maintaining compliance with the DNS Abuse obligations and continuously strengthening its abuse detection and mitigation processes through newly established collaboration channels and a structured approach designed to drive ongoing enhancement. ICANN Compliance acknowledged that the remedial measures were sufficient to cure the Notice of Breach. We noted that future violations of these requirements will result in expedited compliance action, up to and including the issuance of additional Notices of Breach.
While the chart below shows a noticeable decrease in reported abuse involving .top observed through ICANN Domain Metrica, .top remains one of the most abused gTLDs. ICANN's Notice of Breach prompted the Registry Operator to establish systems and processes to meet the new DNS Abuse mitigation requirements. We will actively monitor the effectiveness of these new systems and processes, the Registry Operator's abuse rankings and their compliance with the requirements.
