Archive LiveRead-only public record · No ads · No tracking
CASE / IANA 3765 VERDICT
IANA #3765 Verdict: Every Domain Reviewed, Zero Legit Uses
A domain-by-domain review where ambiguity kept shrinking and the pattern kept getting worse.
File 003·Verdict·5 min read·Editorial mirror
Public record copy. Brand names withheld, public accreditation numbers preserved. If the body below says “we”, that means the original publisher, not this mirror. TER only preserves, redacts, and re-contextualizes.
5,000+
Unique Tickets Ignored
24.7 MB
Domain Dataset Published
0
Legitimate Domains Found
100%
Domains Now Flagged
We Decided to Check
After our first investigation exposed IANA #3765 as the ICANN-accredited registrar powering global cybercrime, one question remained: is it really ALL bad? Could there be legitimate businesses buried under the mountain of possibly phishing, crypto scams, and worse?
We decided to find out. We reviewed IANA #3765's entire domain portfolio — every registration, every IP, every piece of content we could access. The result is a 24.7 MB dataset published on GitHub for anyone to verify independently.
The conclusion was unanimous and unambiguous.
The Result
We looked for ANY legitimate use case. A single clean business. A personal blog. A portfolio site. We found none.
This investigation builds on our original findings. Read the full context:
The domains registered through IANA #3765 fall into clear categories of abuse:
Category
Prevalence
Notes
Crypto Possibly phishing & Drainers
Dominant
Wallet drainers, fake exchanges, airdrop scams
Fake Gambling & Casinos
High
Linked to operations we've already investigated (OFEDREX, LuxardGambling)
Possibly phishing (General)
High
Credential harvesting, brand impersonation
Malware Distribution
Moderate
Drive-by downloads, fake software
Undisclosed Criminal Content
Present
Content violating criminal law in every jurisdiction — deliberately not described
Content Warning
Some content hosted on IANA #3765 domains is so extreme that describing it in detail would itself be irresponsible. There are categories present that violate criminal codes universally. We documented everything. We will not publish specifics.
The only "borderline" category was gambling — but even that fell apart under scrutiny. The gambling domains traced directly back to fake casino operations we had already investigated: OFEDREX with its 383 verified victims, LuxardGambling with its deepfake celebrity endorsements. These aren't legitimate gambling sites. They're the same scam panels wearing different skins.
The Hacker Forum Connection
IANA #3765's relationship with cybercriminals goes far beyond passive negligence. The registrar actively participates in the ecosystem:
"IANA #3765 maintains an active presence on BlackHatWorld, a forum notorious for SEO spam, possibly phishing toolkits, and fraud services."
"Promotional emails from IANA #3765 have been documented boasting 'fewer abuse reports' — marketing copy designed specifically to attract criminal customers."
"When abuse is reported, IANA #3765 forwards the reporter's personal contact information — including email addresses — directly to the domain owner. This isn't an oversight. It's a feature designed to intimidate whistleblowers."
Key Incidents
Infographic: 5,000 abuse reports sent to IANA #3765, 0 actions taken — mountain of ignored reports in trash
BreachForums Incident
IANA #3765 unsuspended a domain AFTER an FBI takedown request, then reportedly suspended the FBI's own account to prevent further correspondence.
Documented conversations discussing disabling WHOIS and providing bulletproof services to suspected criminals.
GDPR / Privacy Violations
Sharing reporter data with attackers — turning the abuse reporting process into a weapon against whistleblowers.
5,000 Tickets Ignored
The number is not an estimate. It is not inflated with duplicates. 5,000+ unique abuse tickets were filed against IANA #3765 domains — each with fresh evidence, each for a different malicious domain. This count excludes repeat escalations, follow-up submissions, and cross-referenced reports.
The response pattern was always the same:
"Insufficient evidence" — IANA #3765's standard auto-reply to forensic PDFs containing VirusTotal reports with 15+ vendor detections, full page screenshots of active possibly phishing portals, DNS mapping, and technical metadata.
Mechanisms of Abuse
48-hour suspension delay:IANA #3765's internal policy allows reported domains to remain active for 48 hours, giving scammers ample time to drain victims
WHOIS/RDAP manipulation: intentionally broken or disabled for clients upon request, violating ICANN RAA transparency requirements
Auto-closed complaints: tickets sent to abuse@IANA #3765 are automatically forwarded to domain owners and closed
The Business Decision
5,000 tickets is not a compliance failure. It is a business decision. Every ignored ticket is revenue protected.
Our Verdict
Based on the evidence — the complete domain review, the 5,000+ ignored tickets, the hacker forum presence, the FBI incident, the whistleblower intimidation, and the confirmed zero legitimate use rate — THE ENABLERS REGISTRY has made a definitive decision:
Official Designation
Every domain registered through IANA #3765 (IANA 3765) is now flagged as potentially unsafe in THE ENABLERS REGISTRY's threat intelligence system. This applies to our API, blocklists, browser warnings, and all partner integrations.
This is not a blanket punishment. It is a statistical conclusion. When 100% of reviewed content is malicious and the registrar actively enables it, the registrar IS the criminal infrastructure.
Final Statement
This is not negligence. This is not incompetence. This is a business model built on abuse resilience. [REDACTED] should face criminal liability — not for failing to act, but for deliberately choosing not to. We are waiting for accountability.
The business model is clear: charge criminals for domains, ignore all abuse reports, share whistleblower data with attackers, advertise on hacker forums. This is not a grey area. This is organized infrastructure for organized crime. A legal precedent here would send a message to every bulletproof registrar operating under ICANN's umbrella.
Play the Game: Find a Legitimate Domain
We're making the challenge public. The complete dataset is published. Every IANA #3765 domain we reviewed is available for download and independent verification.
The rules are simple: find a single legitimate domain registered through IANA #3765. A real business. A personal website. Anything that isn't possibly phishing, scamming, or worse.
IANA #3765's business model survives because of silence. Every report, every block, every public exposure makes the cost of complicity higher. The data is public. The evidence is overwhelming. Act on it.
