Latest news of the domain name industry

Recent Posts

Over 660,000 “coronavirus” domains registered

There have been hundreds of thousands of domains that appear to refer to coronavirus registered since the start of the outbreak, but the domain industry reckons only a tiny portion of them have been used maliciously.

Speaking on a recent webinar, ICANN security specialist Sion Lloyd said that up until the end of May, ICANN had found 662,111 domains that at first glance appeared to be related to the pandemic.

ICANN had cast a wide net, parsing the zone files for all of the gTLDs and a handful of ccTLDs for strings such as “covid”, “corona”, “mask”, “quarantine” and “lockdown” in multiple languages.

But it also searched for homoglyph variants, such as replacing the O in Covid with a 0, and this brought in hundreds of thousands of false positives.

The actual number of domains that appear to refer to the virus and its impact is more like 170,000, Lloyd said.

The word “mask” was more commonly found than “corona”, but less frequently than “covid”.

The research was done as part of ICANN’s attempt to provide registries and registrars with data they could use to mitigate abuse, such as the sale of fake vaccines, fraud or phishing attacks.

But ICANN said that after it ran thousands of daily registrations through various public threat lists, it found a few hundred per day were potentially suspicious. At the peak, roughly 10 per day were considered serious enough to refer to registrars. That’s now down to three or four a day, Lloyd said.

His research was backed up by similar studies, albeit using slightly different methodologies and different-sized nets, by registries and registrars.

Tucows’ Graeme Bunton showed data reflecting that the registrar was seeing about 300 coronavirus-related regs per day at its peak in March.

The company had its compliance team manually check each domain, and found that only 0.5% were being used for clearly malicious purposes. The large majority — around 70% — were parked or not resolving, he said.

Jim Galvin from Afilias said that at the March peak the registry was seeing almost 900 coronavirus domains across its 25 gTLDs every week. That had dropped to under 100 by the end of March.

Brian Cimbolic of Public Interest Registry said that there had been 14,700 total registrations by the end of May, with the early April peak seeing over 500 in a single day.

While all this work is an example of ICANN and the industry getting involved to some extent in content regulation, Tucows’ Bunton said that it was an “exceptional” circumstance that was unsustainable and of limited use.

More data and the webinar recording can be found here.

Should Epik be banned from NamesCon as racism debate spills over into domain industry?

Should GoDaddy-owned domain conference NamesCon ban the controversial registrar Epik from its conferences, after a day in which the domaining fraternity descended into a race row?

The fight kicked off last night when Epik director and noted domain investor Braden Pollock announced he was quitting the board over ideological differences with CEO Rob Monster.

Pollock did not explain his exact reasons for quitting, but the assumption among domainers on Twitter and elsewhere, perhaps due to heightened race awareness during the ongoing Black Lives Matter protests, was that it was race-related.

Pollock’s wife is the civil rights attorney Lisa Bloom, who is currently representing victims of police violence during the BLM protests.

Monster is a conspiracy theorist and Bible-bashing Christian who has been accused over the years of racism, antisemitism, and worse.

Even if Monster is not a racist (and plenty of his associates, even his critics, believe he is not), Epik is certainly friendly to racist registrants.

It caused controversy in March last year by publicly offering to host gab.com, the Twitter clone most often used by right-wing refugees escaping Twitter’s ban hammer.

It also took the domain business of 8chan, a forum site frequented by racists, though it refused to actually host the site.

The registrar is also very popular with domainers, due to its low price and domainer-friendly services.

Before long, Pollock’s tweet had spawned a thread of domainers expressing support for either Pollock or Monster, as well as casually throwing accusations of racism at each other.

Pretty much the same thing was going on over on NamePros and Facebook.

Epik all but confirmed that race was at the center of the disagreement by tweeting out the names of a couple dozen employees, whom I can only assume are not white, with the hashtag #diversity.

Monster himself posted a short video in which he appeared to denounce racism.

Later today, Epik posted a screenshot of a Facebook comment by NamesCon CEO Soeren von Varchmin, in which he suggested Epik had been banned from the conference, which the company has previously sponsored.

The tweet tagged both GoDaddy and the US Federal Trade Commission.

While the von Varchmin comment is genuine, I’m told that he was speaking in a personal capacity and it’s not current GoDaddy policy to ban Epik.

But should it?

GoDaddy starts protecting American customers’ privacy

GoDaddy has today started redacting the Whois records of its US-based customers, bringing them into line with the European counterparts.

The company was one of the few registrars to differentiate its European customers from those elsewhere when it implemented the EU’s General Data Protection Regulation two years ago, primarily because it was also one of the dwindling number of registrars charging for Whois privacy services.

American privacy customers are reportedly to be offered a partial refund or the chance to upgrade to a service that also includes two-factor authentication and malware scans.

From today, Whois records for American registrants only show a registrant organization, state and country. Email addresses and phone numbers are gone.

While this is no doubt a boon to most GoDaddy customers in terms of privacy protection, it’s likely to cause frowns in those parts of the community that rely upon Whois to make the job of tracking down ne’er-do-wells easier.

As the largest registrar by a considerable margin, the likes of law enforcement, intellectual property owners and security researchers have just lost access to millions of records.

There is a contact form at the bottom of each record that can be used to get in touch with the registrant, via GoDaddy, so it should still be possible to communicate with those who want to be communicated with.

CSC removes reference to “retiring” new gTLD domain after retiring new gTLD domain

The corporate registrar and new gTLD management consultant CSC Global has ditched a new gTLD domain in favor of a .com, but edited its announcement after the poor optics became clear.

In a brief blog post this week, the company wrote:

We’re retiring cscdigitalbrand.services to give you a more user-friendly interface at cscdbs.com.

From the trusted provider of choice for Forbes Global 2000 companies, this more user-friendly site is filled with information you need to secure and protect your brand. You’ll experience a brand new look and feel, at-a-glance facts and figures, learn about the latest digital threats, access our trusted resources, and see what our customers are saying.

Visit the site to learn more about our core solutions: domain management, domain security, and brand and fraud protection.

But the current version of the post expunges the first paragraph, referring to the retirement of its .services domain, entirely.

I’m going to guess this happened after OnlineDomain reported the move.

But the original text is still in the blog’s cached RSS feed at Feedly.

CSC blog post

It’s perhaps not surprising that CSC would not want to draw attention to the fact that it’s withdrawn to a .com from a .services, the gTLD managed by Donuts.

After all, CSC manages dozens of new gTLDs for clients including Apple, Yahoo and Home Depot, and releases quarterly reports tracking and encouraging activation of dot-brands.

Interestingly, and I’m veering a little off-topic here, there is a .csc new gTLD but CSC does not own it. It was delegated to a company called Computer Sciences Corporation (ironically through an application managed by CSC rival MarkMonitor) which also owns csc.com.

Computer Sciences Corporation never really got around to using .csc, and in 2017 merged with a unit of HP to form DXC Technology.

If you visit nic.csc today, you’ll be redirected to dxc.technology/nic, which bears a notice that it’s the “registry for the .dxc top-level domain”.

Given that the .dxc top-level domain doesn’t actually exist, I think this might make DXC the first company to openly declare its intent to go after a dot-brand in the next round of new gTLDs.

ICANN may scrap its $0.18 reg tax in coronavirus “solidarity”

Kevin Murphy, April 28, 2020, Domain Registrars

ICANN is thinking about whether to temporarily waive the $0.18 it charges registrars (and therefore registrants) whenever a gTLD domain name is registered.

Execs said the idea was being considered during a conference call explaining ICANN’s new budget this afternoon.

The idea was floated by GoDaddy policy head James Bladel during the call, and supported by others, but it appears it had already also occurred to ICANN.

Bladel suggested that it might not make a big impact on registrants’ wallets, but that it would be a show of “solidarity” with registrars and registries that have waived domain recovery fees to help registrants that have been hit by coronavirus.

ICANN said it was looking at the idea but did not commit one way or the other.

Should such a waiver come into effect, it’s not clear whether it would be uniformly passed on to registrants.

CentralNic does not expect big coronavirus impact as it posts almost-doubled revenue for 2019

Kevin Murphy, April 27, 2020, Domain Registrars

CentralNic has added its name to the list of domain name companies not expecting to see a significant financial hit from coronavirus.

The company this morning posted its full 2019 results and first-quarter 2020 trading update, saying it expects to be “resilient” to the pandemic.

For 2019, the company saw revenue grow by 95% to $109.2 million. Profits at the adjusted EBITDA level was $17.9 million, again almost double the 2018 results.

Pre-tax loss was $8.2 million, compared to $5 million for the previous year. At the operating level, CentralNic lost half a million bucks, but that was smaller than the $3.6 million it lost in 2018.

The first quarter trading update was even rosier. It expects revenue to come in at $56 million — the same revenue figure as for the whole of 2018 — with adjusted EBITDA of $8.1 million.

The growth is of course all coming from recent acquisitions. CentralNic sees itself as an industry consolidator. It has recently integrated the reseller-focused businesses Key-Systems, Hexonet, PartnerGate, TPP Wholesale and Toweb, as well as retail registrar Ideegeo and domain monetization outfit Team Internet.

The company said it has delayed a planned shareholder dividend — its first — in order to keep more cash on hand for even more acquisitions.

On coronavirus, CentralNic said:

Despite [the pandemic], trading for the Group in Q1 2020 was in line with expectations, despite the global business restrictions to slow the progress of COVID-19… As a profitable provider of online subscription services with high cash conversion and solid organic growth, we do not expect CentralNic to be severely affected by COVID-19, but we will take the necessary precautions to preserve our cash and review our acquisition pipeline and financing plans to ensure that we maintain stability and optimise our business strategies in the new global climate.

It’s the third domain company in recent days, after Verisignafter Verisign and Dutch ccTLD registry SIDNDutch ccTLD registry SIDN, to say that they don’t expect to be badly hit by the pandemic.

Free domains registrar gets FOURTH breach notice

Kevin Murphy, April 21, 2020, Domain Registrars

OpenTLD, the company that offers free and at-cost domain names under the Freenom brand, has received its fourth public breach of contract notice from ICANN.

The alleged violation concerns a specific expired domain — tensportslive.net — which was until its expiration last November hosting a Pakistani cricket blog.

ICANN claims OpenTLD failed to hand over copies of expiration notices it sent to the former registrant of the name, which expired November 12, despite repeated requests.

The blogger seems to have been royally screwed over by this situation.

ICANN first started badgering OpenTLD for its records on December 23, presumably alerting the company to the fact that its customer had a problem, when the domain had expired but was still recoverable.

ICANN contacted the registrar four more times about the domain before February 1, when it dropped and was promptly snapped up by DropCatch.com.

The public breach notice (pdf) was published February 27. OpenTLD has apparently since provided ICANN with data, which is being reviewed.

But it’s the fourth time the registrar has found itself in serious trouble with ICANN.

It got a breach notice in March 2015 after failing to file compliance paperwork.

Later that year, ICANN summarily suspended its accreditation — freezing its ability to sell domains — after the Dutch company was found to have been cybersquatting rival registrars including Key-Systems and NetEarth in order to poach business away from them.

That suspension was fought in an unprecedented arbitration case, but ICANN won and suspended the accreditation again that August.

It got another breach notice in 2017 for failing to investigate Whois accuracy complaints, which ICANN refers to in its current complaint.

OpenTLD/Freenom is perhaps best known as the registry for a handful of African ccTLD and Tokelau’s .tk, which is the second-largest TLD after .com by volume of registered domains.

Its business model is to give the names away for free and then monetize them after they expire or are deleted for abuse. In the gTLD space, it says it offers domains at the wholesale cost.

According to SpamHaus, over a third of .tk domains it sees are abusive.

GoDaddy signs up 30 partners to lockdown-era marketing scheme

Kevin Murphy, April 15, 2020, Domain Registrars

GoDaddy has signed up 30 companies to a new marketing program that it says is designed to help small business keep afloat during the coronavirus lockdown.

It’s called #OpenWeStand, and the company is doing its level best to cast it as a community “movement” rather than a way to shift product as the world stands on the precipice of pandemic-induced recession.

The companies signed up so far are: Acronis, American Express, Association for Enterprise Opportunity, Avetta, BrandCrowd, Brex, ChowNow, Digital Air Strike, Evite, Gift Up!, GoFundMe, Hello Alice, Inc. Media, Kabbage, Keap, Keysight Technologies, Moneypenny, Next Insurance, Next Street, Nextdoor, PayPal, Rocket Lawyer, Ruby, Salesforce, Seed Spot, ServiceTitan, Shaw Academy, Slack, SurveyMonkey, and Zenefits.

What are all these companies offering worried business owners? It’s not entirely clear yet, but the answer so far appears to be primarily: discounts.

Evite, for example, is offering customers a free year of its premium service, which usually goes for $249, according to the OpenWeStand web site.

Customers of GoDaddy that are also customers of collaboration tool Slack will get a 25% discount on any Slack upgrade they buy.

Food delivery aggregator ChowNow says it’s designed a loyalty scheme product designed to put uo-front fees in restaurants’ pockets at a time when delivery is basically their only option.

Inc magazine’s contribution appears to be limited to a pledge to continue publishing.

GoDaddy itself is offering free social media makeovers and marketing services.

There’s not a whole lot more in the way of offers right now, but the site has placeholders for the likes of PayPal, American Express and Salesforce to promote their offerings soon.

In terms of offering advice to small business owners, we’re looking at a collection of GoDaddy blog posts and a LinkedIn group with about 200 members.

It’s obviously far too early to say whether any of this will ultimately be useful or attractive enough to help small businesses survive the lockdown, but I also think it would be churlish to dismiss it as a cynical marketing ploy at this stage.

A slick GoDaddy video promoting #OpenWeStand, which appears to have been voiced by the soothing, avuncular gravel of Donald Sutherland, has received over 12 million views since it was published March 25, so their may be an appetite for this kind of “movement”.

No ICANN tax relief for Chinese registrars

ICANN has declined a request from dozens Chinese registrars for a fee waiver due to the impact of coronavirus.

In February, almost 50 China-based accredited registries and registrars said they were suffering financially as a result of the outbreak and asked ICANN for an “immediate fee waiver” to “greatly help stabilize our business in the difficult time”.

ICANN has denied this request. In a letter (pdf), senior director of gTLD accounts and services Russ Weinstein wrote:

While we sympathize with the potential financial impact this unprecedented event may have on contracted parties, we are not prepared to provide a waiver at this time. We are closely monitoring the situation and its impact on the domain industry. We are interested in hearing more from representatives from the contracted parties to better understand the problems both the contracted parties and the registrants are facing and ideas for potential solutions.

As I said back in February, what was then largely a Chinese problem looked likely to quickly become a global problem, which unfortunately seems to be the course we’re on. Just six weeks later, China isn’t even the worst-affected country any more.

Even without fee waivers, ICANN has noted that it expects a “significant” impact on it is 2020-21 budget due to the pandemic.

ICANN declares coronavirus a “natural disaster” to protect expired domains

Registrants unable to renew their domain names when they expire may not lose them, following a decree from ICANN today.

The organization has declared the coronavirus a “natural disaster” and invoked part of the Registrar Accreditation Agreement that permits registrars to keep hold of domains that have come to the end of their post-expiration renewal period.

Under the RAA, registrars have to delete domains a maximum of 45 days after the reg period expires, unless there are “extenuating circumstances” such as an ongoing UDRP case, lawsuit or technical stability dangers.

There’s no accounting for natural disasters in the contract, but ICANN has the discretion to name any “other circumstance as approved specifically by ICANN” an extenuating circumstance. That’s what it’s done here.

It’s invoked this provision once before, following Hurricane Maria in late 2017.

ICANN said that policies to specifically protect domains in the event of natural disasters should be considered.

The new coronavirus exception applies to all registrars in all gTLDs, although implementation will vary by registrar.

The announcement follows Verisign’s announcement last week that it is waiving its registry-level restore fee for .com and .net domains until June 1.