Latest news of the domain name industry

Recent Posts

GoDaddy denies weird front-running claim

Kevin Murphy, September 21, 2020, Domain Registrars

GoDaddy has been forced to deny (again) that it engages in front-running after a social media post attracted hundreds of comments.

Front-running is the practice of a registrar monitoring customers’ availability searches then registering the name itself in order to mark it up to a premium price.

No reputable registrar does this any more, if only because it would be reputation suicide.

But a poster on HackerNews claimed to have been exploited in precisely this way,

searched a few days ago for felons.io, looked for unique names for simple game didn’t know if I wanted it or not

guess godaddy decided for me: 1 days old Created on 2020-09-16 by GoDaddy.com, LLC

just a warning if you have a special name do not use godaddy to check if its available

Domains can appear to be front-run due to the law of large numbers. Registrants may think they’re the only one with a unique domain idea, but they’re likely not.

After the HackerNews post attracted hundreds of comments (largely promoting Namecheap as a superior competitor) and a post from Eliot Silver, GoDaddy decided to issue a response.

“These accusations are 100% false. This type of behavior is predatory, unethical, and goes against everything we stand for as a company,” registrar head Paul Bindel posted over the weekend.

Bindel went on to post the results of search queries for “felons” and related terms over a couple of weeks. There weren’t a huge amount.

Complicating the story, he also says that the felons.io domain was suspended not long after registration, and will soon be deleted, after it was flagged as a fraudulent registration by a compromised account.

Interestingly, the HackerNews account used to post the original allegation appears to have been created on the same day as the post, which is literally the only thing he or she ever posted on the site.

Is India’s largest registrar about to go titsup? And where the hell is ICANN?

Kevin Murphy, September 21, 2020, Domain Registrars

India’s largest independent domain name registrar appears to be “doing an AlpNames”, with many customers complaining about domains going dark, transfer codes not being issued, and customer support being unavailable for weeks.

Net 4 India, which claims to have 400,000 customers, has been in insolvency proceeds for over two years, but it’s only in the last couple months that the complaints have started piling up by the scores from disgruntled customers.

A major complaint is that renewals are not processed even after they are paid for, that transfer authcodes never arrive, that customer support never picks up the phone or replies to emails, and (occasionally) that the Net4 web site itself is down.

As we saw with AlpNames last year and RegisterFly back in the mists of time, These are all the warning signs of a registrar in trouble.

On its web site, Net4 prominently warns customers that its call centers are operating on a skeleton staff due to India’s coronavirus lockdown measures, which may account for the lack of support.

But there are reports that customers have visited the company’s offices in person to find them closed.

There’s been radio silence from the registrar. Even its Twitter account is private.

Many local commentators are pointing to the fact that Net4 is in protracted insolvency proceedings as the true underlying issue.

There have been calls for government intervention, action by .in registry NIXI, ICANN enforcement, and even the Indian equivalent of a class action lawsuit. This local cyber law blogger is all over it.

But what is ICANN doing about it?

Net4 was taken to a quasi-judicial insolvency court in 2017 by a debt-recovery company called Edelweiss over the rupee equivalent of about $28 million of unpaid loans from the State Bank of India.

ICANN has been aware of this fact since at least April 2019, when it started calling the registrar for an explanation.

Under the standard Registrar Accreditation Agreement, being in insolvency for over 30 days is grounds for unilateral termination by ICANN.

ICANN could terminate the agreement and transfer all of Net4’s gTLD domain names to a different registrar pretty much at will — all the registrant data is in escrow. This would not protect Net4’s many thousands of .in registrants of course.

ICANN suspended Net4’s RAA in June last year, but Net4 somehow managed to talk its way out of it. ICANN later rescinded the suspension on the proviso that the registrar provide monthly updates regarding its insolvency.

Net4’s cure period has been extended three times by ICANN. The latest expired July 31 this year.

At least one ICANN staffer is on the case, however. ICANN’s head of India Samiran Gupta has recently been reaching out to customers on Twitter, offering his email address and assistance getting in contact with Net4 staff, apparently with some success.

But Net4 had 95,000 gTLD names under management at the last count (though it’s been hemorrhaging thousands per month) so this individual approach won’t go very far.

Webcentral rejects Web.com buyout bid for LOWER offer from Aussie telco

Kevin Murphy, September 18, 2020, Domain Registrars

Pioneering registrar Webcentral has turned down Web.com’s offer to acquire it in favor of a lower offer from telecommunications company 5G Networks.

The company announced this week that 5GN will pay one share for ever 12 shares of Webcentral, which works to to between AUD 18.7 million and AUD 19.5 million ($14.24), depending on which trailing average price you use.

That’s between AUD 0.153 and AUD 0.16 per share, compared to Web.com’s recently increased bid of AUD 0.18 per share.

It’s a 138% premium based on 5GN’s September 16 closing price and Webcentral’s closing price before the Web.com deal was announced two months ago.

So why take the lower offer? Webcentral offered a few reasons, the most compelling of which was that there seems to have been a certain amount of arm-twisting going on.

The Web.com deal would have required 75% of Webcentral’s shares to be voted in favor of the acquisition and 5GN already owned over 10% and said it would vote them against. The 5GN deal only requires it to acquire 50.1% of the shares.

5GN will also pay off Webcentral’s debts and pay Web.com the AUD 500,000 penalty incurred for breaking the original July deal.

Webcentral was previously known as ARQ Group and, as one of the original five ICANN=accredited registrars, Melbourne IT. It owns the registrars Netregistry and Domainz. it became Webcentral after selling its wholesale business to CentralNic and its enterprise unit to private equity.

5GN, despite the name, is a largely wire-based telco and hosting provider. It doesn’t currently own any registrars.

CentralNic parking boosts revenue even as its registrars suffer

Kevin Murphy, September 2, 2020, Domain Registrars

CentralNic reported what it called “outstanding” first-half financial results yesterday, with growth from its new parking business more than offsetting a decline in its registrar business.

The company reported H1 revenue of $111.1 million, up 124% year over year. Adjusted EBITDA was up 64% to $15.1 million.

But these remarkable numbers were driven primarily by acquisitions — CentralNic made four in the second half of last year. Its estimated organic growth was more modest.

On an apples-to-apples basis, revenue was up 18% and adjusted EBITDA was up 16%.

The company has reorganized how it reports its various segments into “direct”, “indirect” and “monetization”. Two of those segments grew while one shrank.

The direct segment, which basically means CentralNic’s collection of retail registrars, saw revenue down 11% at $21.6 million, but a lot of that was due to rejiggering the reporting segments. Apples-to-apples, revenue was down 1% at $20.9 million.

Indirect, which bundles together its wholesale registrars, registry and registry back-end services, saw revenue up 62% at $41.2 million. Apples-to-apples, the growth was 9%.

But the standout performer was the new monetization segment — domain parking, which became a big deal after CentralNic acquired German outfit Team Internet last year — which saw revenue up 38% at $48.5 million.

The one worryingly dark spot in this segment is the fact that one customer is responsible for over 92% of revenue.

ICANN apologizes to “arms dealer” claim security firm after email goes missing

Kevin Murphy, August 31, 2020, Domain Registrars

ICANN has apologized to the security company that claimed an accredited registrar was in league with malware distributors, after an email went AWOL.

You may recall that registrar GalComm was accused by Awake Security last month of turning a blind eye to abuse in a report entitled “The Internet’s New Arms Dealers: Malicious Domain Registrars” and that ICANN’s preliminary investigation later essentially dismissed the allegations.

ICANN had told GalComm (pdf) August 18 that Awake had not “to date” contacted ICANN about its allegations, but that appears to have been untrue.

GalComm’s lawyers had in fact emailed a letter to ICANN, using its “globalsupport” at icann.org email address, on August 6, as said lawyers testily informed (pdf) Global Domains Division VP Russ Weinstein August 20.

Weinstein has now confirmed (pdf) that a letter from Awake was received to said email address but “was not escalated internally”. He said he was “previously unaware” of the letter. He wrote:

I apologize for this inadvertent oversight and we will use this as a training opportunity to prevent such errors in the future.

GalComm has been threatening to sue Awake for defamation since the “arms dealer” report was published, so it looks like ICANN’s decision to eat humble pie is probably a prudent way to keep its name off the docket.

The letter from Awake’s lawyers (pdf) also includes a lengthy explanation of why the original report is not, in its view, defamatory.

The lesson for the rest of us appears to be that the ICANN email address in question is probably not the best way to reach ICANN’s senior management.

Weinstein said that abuse complaints about registrars should be sent to its “compliance” at icann.org address.

“Arms dealer” registrar probed by ICANN

Kevin Murphy, August 20, 2020, Domain Registrars

ICANN’s top security thinkers are looking into hotly denied claims that an Israeli registrar collaborated with malware distributors.

Luckily for the registrar, GalComm, so far they’ve come up empty-handed and ICANN has told the company it does not consider it “malicious”.

ICANN told GalComm this week that its Security, Stability and Resiliency team is looking into a report published by security consultancy Awake Security in June entitled “The Internet’s New Arms Dealers: Malicious Domain Registrars”.

The report connected GalComm to over 100 malicious browser extensions, used to steal data, that have been installed 33 million times. GalComm was apparently the attackers’ registrar of choice.

While Awake did not report the registrar to ICANN, GalComm took it upon itself to write to ICANN to deny the allegations, saying that it merely acted as a neutral registrar and had no involvement in hosting or distributing the malware.

It also demanded that Awake retract its report and apologize or face legal consequences. The report is still available.

Now, ICANN has written back (pdf) to assure the registrar that its investigations to date has been “unable to corroborate the findings Awake Security presented and it does appear that Awake Security had an inaccurate picture of the total domains under management by GalComm”.

It added that the investigation is ongoing, however:

Based on the information we have been able to obtain to date, we have no reason to believe it appropriate for GalComm to be considered a “malicious domain registrar” as asserted by Awake Security. However, as noted in Awake Security’s report, the malicious actors behind the domains in question may be utilizing detection evasion techniques. As such, our investigations continue, and we appreciate GalComm’s cooperation and support of those investigations.

ICANN has previously told news outlets that it receives very few complaints about GalComm, none related to malware.

The two biggest registrars knock it out of the park in Q2

Kevin Murphy, August 11, 2020, Domain Registrars

GoDaddy and Tucows, the industry’s two largest registrars, both last week posted very strong second-quarter results due to the beneficial impact of the coronavirus lockdown.

Market-leader GoDaddy in particular seems to have knocked it out of the park, adding a ridiculous 400,000 net new customers during the April-June period, the strongest quarterly performance in the company’s 20-year history.

The company reported domains revenue of $369.6 million, up 10.5% on the year-ago quarter, its strongest-performing segment.

Tucows, meanwhile, reported domains revenue essentially flat at $60 million, but pointed to registration growth as an indicator of its showing.

Tucows CEO Eliot Noss said in prerecorded remarks that new registrations from its reseller channel were up 41% in the quarter, with overall wholesale registrations up 7% to 4.3 million.

In the retail channel, domains under management was up 9% year-over-year to 400,000, with new registrations up more than 20%.

The CEOs of both companies were unambiguous that the coronavirus pandemic could take credit for their results. Noss said:

As expected, in Q2 we saw the full effects of the pandemic that we began to experience toward the end of Q1, with businesses globally moving quickly online, and displaced workers turning to entrepreneurship as the next stage in their career paths. A large proportion of that new registration activity was those resellers who focus on helping small and micro-sized businesses and start-ups establish a web presence for the first time.

GoDaddy CEO Aman Bhutani characterized the virus as a catalyst for businesses stubbornly remaining offline to finally get a web presence, telling analysts:

COVID-19 has pushed a number of people past the point of inertia where they were not adopting digital… because people have no choice but to go digital to support their businesses, we’re seeing people experimenting with ideas. We’re seeing people come online, even though they had hesitated to do it in the past.

Overall, GoDaddy reported revenue up 9.4% at $806.4 million. Its net loss was $673.2 million, due mostly to a one-time tax-related payment.

Tucows overall revenue was $82.1 million, down from $84.1 million, largely due to the drag factor of its recently restructured Ting Mobile business. Net income was $157,000, down from $2.6 million.

.bible-thumping anti-porn registrar goes titsup

Kevin Murphy, August 5, 2020, Domain Registrars

An American registrar that prided itself on promoting .bible domain names and refusing to sell to pornographers has gone out of business.

PurityNames, which called itself “the only company that refuses to profit from pornography”, ceased operations July 27 and has had its accreditation agreement with ICANN voluntarily terminated.

In a notice on its web site, the company blamed its demise on “recent increases in regulatory requirements and costs as well as economic headwinds”.

Founded by seasoned ICANN policy expert Jim Prendergast, the company’s shutdown appears to have been handled the right way.

PurityNames’ small customer base has been transferred to 20-year-old Israeli registrar Domain The Net, and pre-paid hosting packages will be honored, according to the registrar.

The company was founded in 2011 in order to give registrants a “family-friendly” venue for registering names. It refused to deal with not only porn but also gambling and other “immoral” services.

It also actively promoted .bible domain names. Prendergast is an ICANN policy consultant for the .bible registry.

But apparently there was not much demand for either. As of March, PurityNames had 288 domain names under management, down from a 2015 peak of 536, and only 10 .bible registrations.

Tucows sells off Ting business, retreats into the back-end

Kevin Murphy, August 3, 2020, Domain Registrars

Tucows has sold its Ting Mobile brand and customer based to DISH Network, repositioning itself as a provider of white-label back-end mobile services.

The company which is also the second-largest domain registrar, has found success in recent years as a mobile virtual network operator (MVNO) with Ting. Following the DISH deal, it will become a mobile services enabler, or MSE.

It’s basically a move away from providing customer-facing mobile services. Instead, it will provide the back-end technology platform, and DISH is its first customer.

CEO Elliot Noss said in a prerecorded statement:

We still get asked about the connective tissue between Domains and the mobile business, and it all boils down to our competence in billing, provisioning, and customer service for underserved technology markets.

He added that Tucows has been approached by other potential MSE partners over the years.

DISH gets to use the Ting brand for two years, with an option to acquire it at the end. Tucows will continue to offer Ting wired broadband services, but will change its name if DISH exercises the buyout option.

All Ting mobile customers have been handed over to DISH as of Saturday, but no money has changed hands up-front. Instead, Tucows expects to see increased margins over time from the cost savings and monthly fees DISH will pay it. It will also be paid for transitioning the business over to DISH.

Tucows expects the deal to be “neutral to slightly negative” to its 2020 earnings.

DISH is primarily a satellite television provider, but it entered the mobile market a month ago with the acquisition of Boost Mobile.

Israeli registrar denies “arms dealer” claims

Israeli registrar GalComm has denied being involved in a widespread malware distribution scheme after being fingered by a security outfit.

Last month Awake Security accused the registrar, officially Communigal Communication Ltd, of being “at best complicit in malicious activity”.

The firm published a report entitled “The Internet’s New Arms Dealers: Malicious Domain Registrars” which linked GalComm to a network of malicious Chrome browser extensions the firm said can steal sensitive data from users who have them installed.

It identified 111 such plug-ins, which it said have been downloaded 33 million times, using over 15,000 domains registered via GalComm.

GalComm has around 48,000 domains registered in gTLDs at the last count, so that’s a sizable percentage of the registrar’s business.

Awake came to the conclusion that GalComm was well-aware of what its customers were up to.

Now, the registrar has sent a cease-and-desist notice to Awake, CC’d to ICANN (pdf), in which it denies all knowledge and responsibility for the malware.

GalComm’s line, to summarize, is that it’s just a registrar, and that it has no obligation to monitor how its customers use their domains.

It adds that the domains in question amount to 10% of its DUM. Still a pretty big chunk.

The company wants Awake to retract its report by today, which it has not yet done, or it will call in the lawyers.