Opening a blog post with a meme – check. Fancy title – check. While you might think that this blog post is a joke, I have to tell you that it might be one of the most serious ones until now. Not “>>Houston, we have a problem<< and everyone already knows that he’s not gonna make it back”-serious, but more like “You still haven’t done the dishes?“-serious.
Whenever I scroll through seemingly endless lists of domain names, one particular type of them catches my attention. Let me give you a few examples:
8c5968b9kspxkwd.club fxdee.science jb1bd.webcam yposx.party tsy809.science vokvbn.science 7kks.science tzjv.party j3dv.science bl9nl.party iij3e.xyz qetyyu.xyz 16872.xyz wshod.party sus430.xyz c8356el.xyz avvb.science mskcx.space vxur.webcam wq6e.party h9jb.webcam y8g1x.science 520v1v484.top seosepll.xyz papuuod.xyz ggzcx.party nx5l1f.science v29qkt30dxh5.link
Of course you could just shrug it off, but that would be boring. Instead, I added another item to our already infinitely long to-do list: “Write blog posts about spam TLD stuff!”
Why would you register those domains?, the naive internet user asked. Well, that question is partially answered by our categorization of those domains: “Spam” and “Filler”. So Spam-TLDs are used to create spam websites while “Filler”-TLDs, well, apparently to fill up the pool of domains for that particular TLD.
Most of the domains timed out like one would expect. When we started to check those still responding, we quickly realized that an overwhelming part has the same content: Scripted websites with automatically generated links – in chinese. Those websites mostly link to other spam-TLDs, but sometimes even include ccTLDs or old gTLDs. The purpose? Sale spam. The websites are basically a big list of links to products. Interestingly, you can’t order any of the advertised products online – you have to call a number (can you imagine? 2015?). And since I only speak the rare Chinese Huizhou dialect from southern Anhui (think of it as the chinese “Texas English” counterpart), I couldn’t get more information about the order process.
Back to topic: Another set of spam domains shows a page full of products as well. Regardless of which link you follow, you will be redirected to a modified version of the chinese news agency CNNB.com.cn, even though you are accessing the CNNB domain and servers, the articles have modified names (“European Casino”, etc.).
One could argue about how successful all of this is, but we already know that people willingly sent money to the nigerian government/lottery/whatever with the promise of receiving 2 million dollars in return. So, uhm, yeah. Also, it’s Asia. While checking those domains, I stumbled across the website of a japanese dentist. It was full of pictures of him and his staff. Doing victory signs. With their patients. During their dental treatment. And that’s why I absolutely don’t know whether this kind of marketing-spam works in Asia or not, because I don’t understand the people living there (haha, unintentional pun).
While it is easy to make sense of spam domains, I feel that “Filler”-domains are a more complex matter. Here is a list of some of them:
aabo.wang aabp.wang aabq.wang aabr.wang aabs.wang aabt.wang aabu.wang aabv.wang aabw.wang aabx.wang aaby.wang aabz.wang aaca.wang aacb.wang aacd.wang
I cut it down to 15, because this would go on for another few hundred entries. Here is another excerpt:
lalala001.xyz lalala002.xyz lalala003.xyz lalala004.xyz lalala005.xyz lalala006.xyz lalala007.xyz lalala008.xyz lalala009.xyz lalala010.xyz lalala011.xyz lalala012.xyz lalala013.xyz lalala014.xyz lalala015.xyz
Again, let’s start with the simple question: Why would you register those domains? I am unable to answer that question. All domains time-out and all of them are whois-protected. I could dig deeper, but that would go beyond the scope of this blog post. Although I am pretty sure that, while looking at the numbers, those domains aren’t just failed attempts of whatever, but tough business strategy.
My thoughts travel in a lot of different directions here.
- What would be the plan with these kind of domains?
- Would you use it for spam?
- If so, is there some difference in using randomized names and continuous names or do I just get overly excited?
- Who profits from those registrations short-, mid- and long-term?
- Why are none of those domains accessible?
- Why aren’t they being renewed?
- Why are they whois-protected?
Unfortunately, I do plan on leaving you alone with those questions, because I fear that doing a follow-up on all of those questions would risk the impartial status that we at nTLDstats are so proud of. But before you start your journey into the dangerous world of consipiracy theories, take two more charts from me. Yes, they may answer some questions – but might as well raise just as much new ones. *flashlight face vanishes in the dark*
(If you have input on this, feel free to mail me at [this authors name] at [this websites name] dot [this websites TLD] (ha! take this, e-mail-address crawling spam bots!))