Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Registrar terminated after what looks like domain hijacking
ICANN has canned its first registrar of the year.
Los Angeles-based World Biz Domains will be going out of bizness after ICANN terminated its registrar contract earlier this week, following its non-responsiveness to what appears to be case of domain hijacking.
It’s a nothing registrar, with fewer than 100 domains under management, but it once had over 5,000.
The termination comes following the suspension I blogged about in October, which was related to the transfers to World Biz of 15 potentially valuable domains in late 2018.
The names were all either short numerics or the names of famous places in Singapore and Malaysia.
ICANN spent most of last year demanding records showing that the transfers were legit, but was ghosted.
World Biz allegedly also had failed to deliver Whois records in the proper format, and was behind on its ICANN accreditation fees.
The company will lose its accreditation officially on January 22.
GoDaddy girls often make more money than the men
Women in some roles at GoDaddy are making more money than their male counterparts, according to data released by the registrar today.
In technical positions in the US, female employees are making on average $1.03 for every $1 men make, GoDaddy said. Women in leadership positions make two cents more than men.
But women in non-techie, non-leadership jobs make a penny less than males, the company said.
“The 2019 global salary data shows that GoDaddy is paying men and women at parity across the company, when comparing men and women in like roles,” GoDaddy said.
The new data also shows that 29% of GoDaddy employees globally are female, which is the same as last year.
But the proportion of women in technical jobs decreased by two points to 17%.
Meanwhile, 36% of non-technical roles are staffed by women, up one point from 2018.
In the US, the female contingent was a little higher — 30% overall, 19% of techies and 37% of non-techies.
The male-female mix at GoDaddy appears to be in the same ballpark as what we generally see with attendance statistics coming out of ICANN meetings — roughly 70/30.
GoDaddy started publishing this data five years ago as part of a plan to foster diversity, reduce unconscious bias, and generally get away from its roguish foundational image as a company that flogged millions of domains with “GoDaddy Girls” — usually busty spokesmodels in skimpy clothing.
AlpNames died months ago. Why is it still the “most-abused” registrar?
Despite going out of business, being terminated by ICANN, and losing all its domains several months ago, defunct AlpNames is still being listed as the world’s most-abused registrar by a leading spam-fighting organization.
SpamHaus currently ranks the Gibraltar-based company as #1 on its list of the “The 10 Most Abused Domain Registrars”, saying 98.7% of its domains are being used to send spam.
But AlpNames customers and regular DI readers will recall that AlpNames mysteriously went titsup in March, then got terminated by ICANN, then had its entire customer base migrated over to CentralNic in April.
So what’s this about?
I asked SpamHaus earlier this week, and it turns out that Whois query throttling is to blame.
It seems SpamHaus only pings Whois to update the registrar associated with a specific domain when the domain expires, or the name servers change, or where it’s a new registration with an unknown registrar.
I gather that when CentralNic took over AlpNames’ customer base, it did so with all the original name server information intact.
So, SpamHaus’ database still associates the domains with AlpNames even though it’s been out of business for the better part of a year.
A SpamHaus spokesperson said:
This is a very unusual situation, as a huge majority of the domains that contribute to the Top 10 list in question are created, abused, and burnt quickly; meaning a change of registrar is exceptionally rare. However, in the case of these particular domains registered with AlpNames we can only assume that the sheer volume of unused domains was too high for the owner to use in one single hit.
The actual number of “AlpNames” domains rated as spammy by SpamHaus is pretty low — 1,976 of the 2,002 domains it saw were rated as “bad”.
GMO, at #4 on the list, had over 40,000 “bad” domains, but a lower percentage given the larger number of total domains seen.
Web.com got pwned
Web.com, which owns top 20 registrars Network Solutions and Register.com, got itself and millions of its customers hacked a few months ago.
The company disclosed last week that malicious hackers broke into its network in late August, making off with customer account information.
The attack was not discovered until October 16.
The compromised data included “name, address, phone numbers, email address and information about the services that we offer to a given account holder”, Web.com said.
“We encrypt credit card numbers and no credit card data was compromised as a result of this incident,” it added.
Customers are being told to change their password next time they log in to their services.
It’s not clear how many registrants were affected. The NetSol accreditation has over seven million domains in the gTLDs alone, while Register.com has almost 1.8 million.
Web.com said it brought on a private security firm to investigate the attack, and informed US law enforcement.
After killing the cows, what does the new Tucows logo remind you of?
Tucows has launched a refreshed corporate web site that features a new cow-free logo.
Judging by a video posted on the Tucows.com home page over the weekend, the redesign is largely intended to make the company more appealing to prospective employees, many of whom were confused about what exactly Tucows does.
It is of course the second-largest domain registrar by volume, via its Enom, OpenSRS, EPAG and Hover brands, as well as a virtual mobile phone operator in North America under the brand Ting.
There was a time when the site was a cluttered storefront, but all the customer-facing stuff has long since been devolved to the company’s various branded web sites.
Here are the two logos side by side.
You’ll notice the cows no longer feature. In much the same way as GoDaddy killed off its cartoon “daddy” character last year, Tucows appears to be maturing out of its quirkier roots into a more professional-looking outfit.
But what does the new logo remind you of? I was immediately put in mind of the Warner Music logo, which is basically a flipped version of the Tucows’ stylized W. They even have a similar color scheme.
It’s sufficiently different to avoid confusion, of course, but the similarities are very striking, I thought.
Registrar suspended over dodgy transfers
ICANN has suspended a Los Angeles-based registrar after failing to get answers to its questions about a bunch of domain transfer.
World Biz Domains won’t be able to sell any gTLD domains, or accept transfers, from October 16 until January 13 next year. It will also have to post ICANN’s suspension notice on its home page.
Its crime? Failing to provide ICANN with records proving that the change of registrant requests for 15 potentially valuable domain names were legitimate.
ICANN has been badgering World Biz for these records since April, but says it was given the runaround.
The domains in question — 28.net, 68.net, 88.org, changi.com, tay.net, goh.net, koh.net, kuantan.com, yeong.com, merlion.org, og.net, raffles.net, sentosa.org, sg.org and shenton.com — all appear to have been registered to a Singaporean investor using the registrar DomainDiscover until about a year ago.
The non-numeric names all have significance to Singapore or neighboring Malaysia one way or the other. Some of them are arguably UDPR fodder.
Shenton is a busy street and hotel in the city, Merlion is Singapore’s lion mascot, Sentosa is a Singaporean island, and Raffles is of course the name of the famous hotel. Other domains on the list are common Chinese surnames used by Singaporeans.
It appears that about a year ago, according to DomainTools’ historical Whois records, they were transferred to World Biz and put under privacy protection.
There’s no specific claim in ICANN’s notice that any domain hijacking has taken place, but it’s easy to infer that the original registrant was for some reason not happy that the domains changed hands and therefore complained to ICANN.
Some of the domains in question have since been transferred to other registrars and may have been returned to the original registrant.
If ICANN’s track record of demanding records is any guide, this will not help World Biz come into compliance.
Should it be terminated, it looks like very few registrants will be affected.
While World Biz at one point had over 5,000 gTLD domains under management, it’s been shrinking consistently for the best part of a decade and in May had just 74 DUM.
September last year, when the domains in question moved to World Biz, was the company’s most-successful month in terms of inbound transfers — 17 domains — since I started tracking this kind of data nine years ago.
Whois killer deadline has passed. Did most registrars miss it?
The deadline for registrars to implement the new Whois-killer RDAP protocol passed yesterday, but it’s possible most registrars did not hit the target.
ICANN told registrars in February (pdf) that they had six months to start making RDAP (Registration Data Access Protocol) services available.
RDAP is the replacement for the age-old Whois protocol, and provides virtually the same experience for the end user, enabling them to query domain ownership records.
It’s a bit more structured and flexible, however, enabling future services such as tiered, authenticated access.
Despite the August 26 deadline coming and going, ICANN records suggest that as many as three quarter of accredited registrars have not yet implemented RDAP.
The IANA department started publishing the base URLs for registrar RDAP servers recent.
According to this list, there are 2,454 currently accredited registrars, of which only 615 (about 25%) have an RDAP server.
But I’m not convinced this number is particularly useful.
First, just because a registrar’s RDAP server is not listed, does not mean it does not have one.
For example, the two largest registrars, Tucows and GoDaddy, do not have servers on the list, but both are known to have been working on RDAP services for a long time through public pilots or live services. Similarly, some CentralNic registrars have servers listed while others do not.
Second, of the 1,839 accreditations without servers, at least 1,200 are DropCatch.com shells, which tips the scales towards non-compliance considerably.
Still, it seems likely that some registrars did in fact miss their deadline. How stringently ICANN chooses to enforce this remains to be seen.
ICANN itself replaced its “Whois” service with a “Lookup” service last month.
According to Michele Neylon of the registrar Blacknight, contracted parties can also discover RDAP URLs via ICANN’s closed RADAR registrar information portal.
RDAP and Whois will run concurrently for a while before Whois takes its final bow and disappears forever.
Porn-block retail prices revealed. Wow.
The first retail prices for MMX’s porn-blocking AdultBlock services have been revealed, and they ain’t cheap.
The registrar 101domain yesterday announced that it has started offering AdultBlock and sister service AdultBlock+, and published its pricing.
Trademark owners wanting to block a single string across .sex, .porn, .adult and .xxx will pay $349 per year with the vanilla, renew-annually service.
If they want the AdultBlock+ service, which also blocks homographs, they’ll pay $799 a year or $7,495 for the maximum 10-year term.
Compare this to the Sunrise B offer that ICM Registry made to trademark owners in 2011, where a string in .xxx cost roughly $200 to $300 for a 10-year block.
The two services are not directly comparable, of course. AdultBlock covers three additional TLDs and the AdultBlock+ service covers confusingly similar variants.
But trademark owners are buying peace of mind that their brands won’t be registered as porn sites, and the cost of that peace of mind just increased tenfold.
AdultBlock domains don’t resolve, and are a lot cheaper than domain registrations.
Renewing a single string in all four gTLDs at 101domain prices would cost around $480 a year, so customers will pay about 27% less buying a block instead.
The cost of the first year for those four domains would be $360, just $11 more than the AdultBlock price, according to 101domain’s price list.
MMX, which acquired the gTLD portfolio from ICM last year, is offering a discount on the AdultBlock+ service for customers buying before the end of 2019.
101domain is offering 10 years of AdultBlock+ for $3,999, a saving of $3,500.
101domain is not known as a particularly expensive registrar, so prices elsewhere in the industry could go higher.
Three-letter .com owned by hospital “hijacked”
A California hospital has seen its three-letter .com domain reportedly hijacked and transferred to a registrar in China.
Sonoma Valley Hospital, a 75-bed facility north of San Francisco, was using svh.com as its primary domain until earlier this month, when it abruptly stopped working.
The Sonoma Index-Tribune reports that the domain was “maliciously acquired”, according to a hospital spokesperson.
It does not seem to be a case of a lapsed registration.
Historical Whois records archived by DomainTools show that svh.com, which had been registered with Network Solutions, had over a year left on its registration when it was transferred to BizCN in early August.
BizCN is based in China and has around 711,000 gTLD domains under management, having shrunk by about 300,000 names over the 12 months to April.
The Sonoma newspaper speculates that the domain may have been hijacked via a phishing attack. It’s not clear whether the hospital or NetSol, part of the Web.com group, was the target.
Three-letter .com names are highly prized, usually selling for tens of thousands of dollars.
Domain investors should obviously steer clear of svh.com, which will is probably already up for sale.
Not only is there a possibility of attracting unwelcome legal attention, but there’s also the moral implications of paying somebody who would steal from a hospital.
The hospital in question has now changed its name to sonomavalleyhospital.org. This transition, which includes migrating the email addresses of all of its staff, seems to have taken several days.
Anyone sending personal medical information to the old svh.com email addresses may find that information in the wrong hands.
Epik will sponsor 8chan’s domain, but will not host its site
Controversial free-speech registrar Epik has said it will take 8chan’s domain name business, but will not provide content delivery services for the site.
In a post entitled “Epik draws line on Acceptable Use”, CEO Rob Monster wrote:
Upon careful consideration of the recent operating history of 8Chan, and in the wake of tragic news in El Paso and Dayton over the weekend, Epik has elected to not provide content delivery services to 8Chan. This is largely due to the concern of inadequate enforcement and the elevated possibility of violent radicalization on the platform.
He wrote that a “principal” of 8chan approached the company about transferring its domain to Epik on Monday.
The domain was in fact transferred, as DI reported shortly after it happened. Monster told DI that he had not actively solicited the site’s business.
While there’s no evidence its previous registrar, Tucows, had any intention of suspending the domain, its denial-of-service protection provider, CloudFlare, has publicly ditched 8chan and accused it of being responsible for the hate that lead to the El Paso shooting on Saturday.
8chan is a wild-west message board largely frequented by people with far-right views on race. It came in for extra scrutiny when it was reported that the El Paso terrorist posted a racist, anti-immigrant manifesto to the site shortly before the attack.
The site’s current owner, Jim Watkins, posted a surreal video to Twitter yesterday claiming, among other things, that the manifesto had in fact been posted by a third party.
Monster wrote that Epik was “reticent” about allowing 8chan to use its BitMitigate service to replace CloudFlare.
Its decision was moot anyway, as during the course of Monday speculation that 8chan would move to BitMitigate caused Epik’s service provider, Voxility, to sever ties with the company.
This caused BitMitigate to “temporarily” stop working for all of its customers, though regular domain registrants were not affected, Epik said.
Monster wrote that Epik will continue to provide services to all customers that publish legal content, but that it reserves the right to deny service in cases where the site’s owner has shown itself incapable of properly moderating user-generated content.
At time of writing, 8ch.net is not resolving at all for me.
Recent Comments