Case Study

Acidtool: identify the right abuse contact.

A free public lookup tool built for ICANN's Registrar Stakeholder Group. Given any domain, ACID surfaces the correct abuse contacts for the hosting provider, email provider, and registrar.

Free

Public tool

WHOIS + RDAP

Data sources

RrSG

Built for

Public

Availability

The challenge

Reporting DNS abuse correctly is harder than it sounds. When someone discovers a phishing site, malware host, or spam source, they have to figure out which party is actually responsible: the hosting provider, the email service provider, or the registrar. Each of these has different abuse contact procedures, and getting it wrong wastes everyone's time. ICANN's Registrar Stakeholder Group (RrSG) wanted a free public tool that would do the lookup work automatically and surface clean, accurate abuse contact details. It needed to be reliable, fast, and presented in a way that non-technical reporters could follow.

What we built

The ACID Tool (Abuse Contact IDentifier) is a public domain lookup tool we built for the RrSG. Enter a domain, and the tool returns the appropriate abuse contact details for the hosting provider, the email service provider, and the registrar (with full registrant details where the registry exposes them). The tool aggregates data from WHOIS, RDAP, DNS records, and reverse DNS lookups. The raw JSON output is available for technical users who need it, while the structured contact cards make the right action obvious for non-technical reporters.

Key decisions

We treated this as a tool, not a platform. No ticketing, no accounts, no bolted-on features that would compete with the registrars' existing systems. The tool does one thing: identify the right abuse contact for a given domain. The data model separates hosting, email, and registrar concerns explicitly because the abuse reporting paths are different for each. A clear visual hierarchy guides the reporter to the relevant contact for the type of abuse they are dealing with.

Outcome

The ACID Tool is offered free of charge by the RrSG to anyone identifying abuse contacts. It is built on public data, so it carries no warranty about accuracy, but it consistently saves reporters and registrars time on routine abuse reporting. The project also informed our broader work on registrar tooling, including the RRSG Members platform we built for the same stakeholder group.

Screenshots

ACID Tool (Abuse Contact IDentifier) lookup result for a domain showing hosting provider, email service provider, and registrar contact details
ACID Tool: domain lookup returns hosting, email, and registrar abuse contacts with raw JSON output for technical users.

Technology stack

TypeScriptNode.jsWHOISRDAPDNS

Continue exploring