The .co.com registry takes domain abuse seriously and is committed to global user safety and the integrity of the registry.

Important: The .co.com registry does not operate or provide website hosting, email services, or end-user DNS services for individual .co.com domains.

For most abuse reports, the fastest and most effective resolution is achieved by contacting the downstream service providers that directly control the affected service. These parties are best positioned to investigate the activity, review logs and configurations, and take appropriate action.

If you encounter abuse involving a .co.com domain, please first contact:

• Sponsoring Registrar: Use WHOIS/RDAP to identify the registrar and contact their abuse team: https://registry.co.com/whois/
• Hosting / Infrastructure Provider: For web content abuse, resolve the domain or hostname to an IP address and identify the hosting provider or network operator (for example via IP WHOIS or ASN lookup). Hosting providers are best positioned to disable or remove hosted content.
• DNS / Nameserver Operator: The authoritative nameservers for the domain are listed in the WHOIS/RDAP results at https://registry.co.com/whois/ Use the listed nameservers to identify and contact the DNS operator responsible for the domain. DNS operators may suspend or redirect DNS service where appropriate.
• Email Provider (for email-related abuse): Obtain the full email headers and use them to identify the sending email service/provider (and, where applicable, the originating IP or network). Report the message to that provider, as they are best positioned to take action on sending infrastructure. When contacting the registry, include the full email headers in your report.

When to contact the registry:

Please contact the Registry Abuse Team at abuse@co.com after attempting to contact the appropriate registrar, hosting provider, DNS operator, or email provider identified above, or if you are unable to determine who is responsible for the affected service. We will then review the matter from a registry perspective in accordance with applicable policies.

Registry review is focused on demonstrable abusive activity that can be independently verified at the time of review, including phishing, malware distribution, credential theft, fraudulent, deceptive, or impersonation-based activity, botnet operation, and related forms of technical abuse.

Law enforcement and regulatory authorities may submit reports using the same channel and include any applicable legal process or official reference information, as appropriate.

General trademark, copyright, contractual, commercial, or other private disputes are ordinarily outside the scope of the Registry’s abuse review process unless accompanied by evidence of phishing, fraud, impersonation, or other abusive activity prohibited by Registry Policies.

To help us review your report efficiently, please include the following information:

1. The domain name(s) involved, including any relevant subdomains or full URLs
2. The type of abuse (e.g., phishing, malware, spam, fraud, impersonation, botnet/C2 activity)
3. Evidence supporting the report, such as URLs, screenshots, samples, or other indicators
4. Dates and times observed, including the applicable timezone
5. For email-related abuse: the complete email headers, along with the name of the identified sending email provider or originating network, and details of any report already submitted to that provider
6. Actions already taken, including any reports submitted to registrars, hosting providers, DNS operators, or email providers, along with ticket or reference numbers if available
7. Your preferred contact information for follow-up questions, if needed

Note: As the registry operator, we do not directly host or remove content. Any action taken by the registry will be consistent with registry policies and applicable contractual or legal obligations.

If the report involves an immediate or ongoing security risk (for example, active phishing or malware distribution), please include “URGENT” in the email subject line and provide the most direct supporting evidence available.