co.tv have had quite the history, with a plethora of abuse of their service. They've previously been responsive as far as takedowns, but lately there's been no response, and those reported over the past week, have remained active.
A lot of the domains are pointing to an IP that resolves to parking.co.tv, but this isn't actually a parking server - it is a redirector;
Which results in;
This being one of the less "fully malicious" sites. They may have claimed to stop allowing free registrations, but it appears all of those previously created, are still active, and whilst only a suspicion, I've got a feeling they're still allowing the bulk creation of new free hostnames.
Bearing in mind, fake meds are the least of your problems when visiting a .co.tv created site. A lot of them are also leading to malware and exploits and such.
A small smattering of hostnames on 22.214.171.124 for example (known for exploits), includes;
And a little history from the past 9 months (and I'm confident there's a lot I'm not aware of) of the "everything and anything" collection, from fake meds to trojans and exploits (obviously a lot of these are now dead (hence the "history")), sorry about the file, Blogger didn't seem to like me embedding the list directly (400 Bad Request error);
I realise of course, that there's others that are far far worse (co.cc, cz.cc, cx.cc etc etc), but as I've said before, either they get a grip and get this cleaned up, or those of us that are sick of having to deal with the rubbish from their service, are going to have their site taken off them (I've done that with others, and wouldn't have a problem having theirs taken off of them).
Well, it looks like co.tv have seen the blog, as I've received 8 e-mails from them in quick succession this morning, to tell me the hostnames have now been suspended/taken out - time will tell (and I'll be re-testing them all to make sure).
As for you co.tv, re-active is good and all - but not good enough. If you can't be pro-active, you need to shut the service down *completely* until you can be. The same goes for those running cx.cc, co.cc, cz.cc, cu.cc, gv.vg et al.
As an aside for those wondering, a friend over at Malware Domains posted a list of these secondary sites for those that would like to pro-actively block the entire lot of them in one go.
Finally: co.tv cancels free "domain" registration service!