Latest news of the domain name industry

Recent Posts

153 registrars fingered for ICANN security probe

Kevin Murphy, January 18, 2021, Domain Registrars

Registrars will be asked to account for abusive domain names found on their services, under a new ICANN security audit.

ICANN says it will soon send requests for information to 153 registrars, asking them to provide documentation showing how they dealt with domains used for distribution of malware or spam.

Registrars will get audited if more than five domains under their sponsorship showed up on a number of block-lists ICANN uses (SpamHaus and the like) during November 2020.

ICANN is spinning the number of affected registrars as a very small percentage of the accredited base, but it really isn’t.

It said that “only” 153 out of 2,380 accredited registrars are affected, apparently willfully ignoring the fact that well over 1,700 of these registrars are shell accreditations used for drop-catching and belonging to just two companies: Web.com and NameBright.

Domains never stick around at drop-catch shells for long, and abusive registrants typically aren’t buying expensive names on the aftermarket, they’re prowling the budget registrars for sub-dollar bargains and bulk-reg tools.

Up to a couple hundred or other accredited registrars have no or negligible domains under management. Several more are corporate registrars with no retail front-end.

So we’re really looking at “only” 153 out of 500 to 600 active retail registrars that saw the required level of abuse, a much higher percentage than would be ideal.

The audit is part of ICANN’s regular Contractual Compliance Audit Program, which seeks to determine whether any registrars or registries are in breach of their contractual obligations.

Under the 2013 Registrar Accreditation Agreement, registrars are obliged to document their responses to abuse reports, keep the data for two years, and hand it over to ICANN on demand.

ICANN hopes to finish the audit by the third quarter this year.

Gun nut site crashes at Epik after GoDaddy shoots it down

Kevin Murphy, January 18, 2021, Domain Registrars

A site for American gun enthusiasts has switched registrars, moving its domain to Epik — apparently with the consent of CEO Rob Monster — after GoDaddy turfed it out for allegedly inciting violence.

According to a GoDaddy statement at the weekend, the registrar had received complaints about content on AR15.com — that’s the name of a gun popular with spree killers — and determined it “incited violence”.

It informed the domain’s owner the same day, January 8, two days after the Capitol Hill riots, giving him 24 hours to remove the offending content.

It’s not clear what the content in question was, but given the timing and the fact that the site is a scarily popular forum with largely user-generated content, it’s not difficult to imagine.

AR15.com’s owner, identified in a video as GoatBoy, claims that by the time he received the email from GoDaddy, the forum’s moderators had already removed the posts on the grounds that the site also has a policy against incitement to violence.

But GoDaddy disagrees, saying the content could still be found after its supposed removal. It took down the domain on January 11. It said in a statement:

We do not take action on complaints that would constitute censorship of content that represents the exercise of freedom of speech and expression on the Internet. In instances where a site goes beyond the mere exercise of these freedoms, however, and crosses over to promoting, encouraging, or otherwise engaging in violence, as was the case with AR15.com, we will take action.

The AR15.com domain is now hosted by Epik, which has in recent years made a name for itself as a refuge for sites frequented by those with far-right views, such as 8chan, Gab and Parler.

GoatBoy says in the video embedded below: “I had the privilege of speaking with some of the guys on the executive staff, including the owner of Epik. Their views really align well with ours. They’re very pro First Amendment and very pro Second Amendment.”

Net 4 India gets unwelcome Christmas gift from ICANN

Kevin Murphy, January 4, 2021, Domain Registrars

Struggling Indian registrar Net 4 India has been hit by its third notice of contract breach by ICANN, in a letter delivered Christmas Eve.

Net4 is on ICANN’s naughty list this time due to its alleged violations of ICANN’s transfer and expired domains policies. The breach notice is very similar to that delivered just two weeks earlier, concerning different domains.

ICANN reckons Net4, once India’s largest independent registrar, has in some cases been transferring domains to a partner registrar, OpenProvider, without the consent or knowledge of the registrant.

It’s been asking the company for records proving compliance, which Net4 has apparently not been providing. Therein lies the alleged breach.

Net4 has been persona non grata among many of its customers for several months, with complaints about billing and renewal failures, expirations, and a general lack of customer service availability compounded by the coronavirus pandemic.

The company has also been fighting an insolvency proceeding over millions of dollars in allegedly unpaid debts for years, which has been the subject of an ICANN breach notice for about 18 months.

The Christmas Eve breach notice gives Net4 until January 14 to turn over the relevant records or possibly face termination.

But that might prove moot — the December 10 notice had a deadline of December 31, so the wheels may already be in motion.

GoDaddy’s female geeks make a bit more than men

Kevin Murphy, January 4, 2021, Domain Registrars

Women working at GoDaddy in technology roles on average make a penny more on the dollar than their male counterparts, but their bosses don’t fare nearly as well, according to the company’s latest published diversity data.

The market-leading registrar said last week that on average across the company globally, women make the same amount as men in like roles, but the female techies make $1.01 for every $1.00 the men make.

But women in leadership roles make $0.95 for every dollar made by than their male counterparts, the company said.

Comparable data for 2019 was not available.

However, in its native US, GoDaddy is paying women a penny more on average across all roles, up one cent on the 2019 data.

The reverse trend was true of female employees in leadership roles in the US, where they made $0.95 on the dollar in 2020, compared to $1.02 in the previous year.

In tech, the ratio approached parity, with women getting $1.01 on the dollar, compared to $1.03 in 2019.

Women make up 30% of GoDaddy employees, 33% of leadership, but only 19% of techies, the report says. Those are all slight improvements on 2019.

GoDaddy pranks employees with “insensitive” phishing test

Kevin Murphy, December 28, 2020, Domain Registrars

GoDaddy has apologized to its staff after teasing them with a $650 Christmas bonus that turned out to be nothing but a test of whether they could be duped into handing over their sensitive personal info.

Employees worldwide reportedly received emails promising the bonus December 14 from an official-looking but presumably spoofed address.

Those who clicked through and filled out a form with their personal data received a second email a few days later informing them they’d actually just failed a “phishing test” and would “need to retake the Security Awareness Social Engineering training.”

Around 500 staff reportedly failed the test.

But many were pissed off that the company would dangle a bonus, only to snatch it away, just a week before Christmas and at a time when the coronavirus pandemic has caused many to fear for their livelihoods.

While GoDaddy rode out the pandemic just fine, it laid off hundreds, regardless.

After the prank last week attracted media attention, the company apologized to its employees, saying in a statement sent to the AFP:

GoDaddy takes the security of our platform extremely seriously. We understand some employees were upset by the phishing attempt and felt it was insensitive, for which we have apologised. While the test mimicked real attempts in play today, we need to do better and be more sensitive to our employees.

I sincerely hope nobody spent their illusory $650 in the days before the test was revealed.

ICANN throws the book at Net4 over dodgy transfer claims

Kevin Murphy, December 15, 2020, Domain Registrars

Struggling Indian registrar Net 4 India has been slammed with a massive breach notice by ICANN, following claims of domain transfers failing or happening without the consent of the registrant.

ICANN also accuses the company, which is or was India’s largest independent registrar, of trying to bullshit its compliance staff about whether expired domains had been renewed or not.

According to ICANN, Net4 is in breach of the Registrar Accreditation Agreement on four counts, three of which relate to domain ownership records.

ICANN says the company isn’t operating a Whois service on the web or port 43, has failed to escrow its registration data on two recent occasions, and has failed to hand over registrant information upon ICANN’s request.

It’s also past due with its fees, ICANN says.

ICANN’s been dealing with complaints about Net4 for months, after the company’s customer service system appeared to break down in the wake of the coronavirus pandemic. Hundreds of customers have said their domains were unrenewable and that they were unable to transfer to another registrar.

In the latest breach notice — the first published breach notice against any registrar since February — ICANN names almost 200 domain names that have allegedly been held hostage at Net4, despite the registrant’s efforts to transfer out.

ICANN wants proof that registrants were given transfer authorization codes and that their domains were unlocked.

In a smaller number of cases, ICANN wants proof that domains were transferred to Net4 partner Openprovider, for which it acts as a reseller, with the consent of the registrants.

It also claims that Net4 has more than once tried to prove that a registrant renewed their expired name by supplying the registry’s expiration date instead of its own, to blag its way out of accusations that registrants were unable to renew.

ICANN also accuses the registrar of dragging its feet to address complaints:

Over the past few months, the number of complaints ICANN Contractual Compliance has received from [registered name holders], and authorized representatives, asserting that Net 4 India is exhibiting a pattern of non-response to domain transfer and renewal requests has steadily increased. While addressing the relevant compliance cases, Net 4 India’s responses to ICANN Contractual Compliance have also regularly been untimely and incomplete.

Net4 is now in the unprecedented position of being subject to two different breach notices simultaneously.

ICANN actually issued a suspension notice in June 2019, after noticing that Net4 had been in insolvency proceedings for two years — a debt recovery agency is trying to recover $28 million in unpaid debts.

But that suspension deadline was paused after talks with the “resolution professional” handling the insolvency case, for reasons ICANN’s been rather quiet about, and it remains on pause to this date.

The newest breach notice has a December 31 deadline on it. Unless Net4 turns on its Whois and hands over the reams of requested data by then, ICANN could terminate its contract.

Assuming the insolvency court allows it to, presumably.

Three more new gTLDs blink out of existence

Kevin Murphy, December 8, 2020, Domain Registrars

Another new gTLD registry operator, representing three dot-brands, has told ICANN that they want their contracts scrapped.

The registry is CNH Industrial, and the gTLDs are .case, .caseih and .newholland.

To be honest, if you’d asked me yesterday whether these TLDs existed or not, I would have guessed not.

But CNH is a pretty big deal — a New York-listed multinational maker of construction and agricultural equipment and vehicles with over $28 billion in revenue last year. Case and New Holland are two of its brands.

The brands do not appear to have been discontinued, so this seems to be a typical case of company simply deciding against using its TLDs, which it probably shouldn’t have applied for in the first place.

None of them has any domains beyond the mandatory nic.example site.

Interestingly, it has a fourth dot-brand, .iveco, representing a vehicle brand, that so far it does not seem to have terminated, judging by ICANN records. But that’s not in use either.

The terminations bring the total dead dot-brands to 85, 16 of which died this year.

NameSilo in profit as sales rise 11%

Kevin Murphy, December 1, 2020, Domain Registrars

Canadian registrar NameSilo today reported a profit for the third quarter, as bookings increased 11% sequentially over the three months to September 30.

One of the fastest-growing registrars, the company said that as of today it has 3.54 million domains under management, up from the 3.45 million it reported at the start of September.

NameSilo said its revenue for the quarter was $8.07 million, up 2.8% on Q3 2019. Its net income was $2,72 million, compared to a net loss of $753,093 a year earlier.

Much of the net income was attributable to income on investments, the firm said.

Bookings, which represents the number of domains sold but not yet recognized as revenue for accounting purposes, was up 11% compared to Q2 at $8.4 million.

CentralNic more than doubles revenue as parking business thrives

Kevin Murphy, November 30, 2020, Domain Registrars

CentralNic today reported revenue growth of 118% for the nine months to September 30, largely on the back of its recently acquired domain monetization business.

The company said it made a net loss after tax of $6.2 million, compared to $6 million, on revenue of $168.5 million.

Still casting itself as the domain industry’s consolidator, most of the growth came due to acquisitions made over the last couple of years, so CentralNic has also published pro forma results to give a better sense of organic growth.

On that basis, revenue was up a still-decent 17%.

The acquisition of Team Internet, which offers the ParkingCrew and Tonic monetization services, for $48 million just over a year ago was the biggest booster of growth.

Pro forma, CentralNic’s monetization segment was up 39% to $72.9 million in revenue, mostly due to a whopping 36% increase in RPMs.

Ninety-two percent of its monetization revenue comes from a single customer.

CentralNic’s indirect segment, which unhelpfully bundles together its registrar reseller channel with its registry service provider operation and .sk registry operator business, was up 51% to $63.5 million and up 8% to $65.2 million pro forma.

The company said the growth was mostly due to the acquisitions of TPP Wholesale and Hexonet Group last year.

The direct segment, which comprises its retail registrars as well as software and consultancy, dipped by 9% to $32.1 million, or 2% to $31.8 million pro forma.

GoDaddy has a secret weapon in its push into corporate domains

Kevin Murphy, November 19, 2020, Domain Registrars

While GoDaddy has been focused for the last two decades on small and microbusiness customers, its entry this year into the corporate domains management space should not be dismissed — the company has one huge advantage.

Earlier this week, the company announced the launch of GoDaddy Corporate Domains, really just a rebranding of the company Brandsight, which it acquired back in February.

The move pits GoDaddy against industry leaders such as MarkMonitor, CSC, Com Laude, Safenames et al.

But the company has one huge advantage that its new competitors do not have: cybersquatters and criminals.

Buried at the bottom of this week’s press release is the announcement of a new service, the Verified Intellectual Property program, which “provides pre-vetted, well-known and famous brands an escalation path to address IP abuse”.

It sounds basically like a trusted notifier service not unlike those offered at the registry level by the likes of Donuts and Radix.

VIP clients will be able to get sites and domains hosted on GoDaddy taken down much quicker, via a special escalation email address, a spokesperson said. Takedown requests will still be subject to manual review, he said.

VIP is currently invitation-only, but I assume being a Corporate Domains customer would help expedite an invitation.

This kind of service is something GoDaddy’s new rivals cannot offer — they generally have no retail channel or hosting, so have no cyberquatters, pirates or counterfeiters as customers. If they want to take down a domain or web site, it’s not a simple matter of flipping a switch.

They also don’t have tens of millions of domains under management, many of which, through no fault of GoDaddy, will be maliciously registered.

This is potentially a pretty cool USP for GoDaddy, which could have rivals worried.