Latest news of the domain name industry

Recent Posts

Tucows buys UNR’s registry business as Schilling bows out

Kevin Murphy, October 1, 2021, Domain Registries

Tucows has acquired UNR’s registry business, the latest in the piecemeal sale of the old Uniregistry by founder Frank Schilling.

The Canadian registrar said it is taking on the technology platform as well as 10 UNR staffers.

Not many details of the deal, not even the purchase price, have been revealed.

“While I am slowly getting out of the industry, it’s important to me to know that my businesses are being left in the best hands,” Schilling said in a brief Tucows press release.

The deal gives Tucows a registry component to match rival GoDaddy, which acquired Neustar’s registry business last year, and makes the company the latest to throw itself into the vertically integrated domain space.

GoDaddy acquired Uniregistry’s registrar business last year also.

The UNR registry was originally Internet Systems Consortium’s but was acquired by UNR towards the beginning of the current new gTLD cycle.

It’s not currently clear which TLDs, if any, continue to run on the UNR platform. The company auctioned off 20 gTLDs in May, making $40 million, but did not disclose the buyers and none of the ICANN contracts have yet changed hands.

Certain ICANN approvals are needed before the deal closes, Tucows said.

Neither company answered DI’s questions about which TLDs are making the move, but Tucows VP Dave Woroch told us:

We are purchasing their registry platform and technology/intellectual property. In addition to servicing a number of registry operators, this platform will be applicable or beneficial to our broader registrar business, and we are looking at how we can implement some of that technology into our registrar platform. Along with this purchase of the registry platform, we have the unique opportunity to bring on a very experienced team of software engineers with specific expertise, and that will benefit our domain business at a time when it has been particularly challenging to add talent…

Tucows will be actively marketing itself as a backend registry provider, both for gTLDs and ccTLDs, and if there is another round of new gTLDs, we would fully expect to participate there as well.

Neustar exec fingered in Trump’s Russian “collusion” probe

Kevin Murphy, October 1, 2021, Domain Registries

A senior former Neustar executive has been outed as a participant in 2016 research that sought to establish nefarious links between then US presidential candidate Donald Trump and the Russian government.

According to a US federal indictment last month, former Neustar senior VP and head of security Rodney Joffe and others used DNS query data collected by the company to help create a “narrative” that Trump’s people had been covertly communicating with Kremlin-connected Alfa Bank.

The indictment claims that they did so despite privately expressing skepticism that the data was conclusive in establishing such ties.

Joffe did this work while under the impression he would be offered a top cybersecurity job in Hilary Clinton’s administration, had she won the 2016 general election, the indictment claims.

Joffe has not been accused of any illegality or wrongdoing — he’s not even named in the indictment — and his lawyer has told the New York Times that the indictment gives an “incomplete and misleading” version of events.

The indictment was returned by a federal grand jury on September 16 against Washington DC lawyer Michael Sussmann, as a result of Special Counsel John Durham’s investigation into the origins of the Trump-Russia “collusion” probe, which ultimately found insufficient evidence of illegality by the former president.

Sussman is charged with lying to the FBI when, in September 2016, he showed up with a bunch of evidence suggesting a connection between Trump and Alfa Bank and claimed to not be working on behalf of any particular client.

In fact, the indictment alleges, he was working on behalf of the Clinton campaign and Joffe, both of whom had retained his services. Lying to the FBI is a crime in the US.

The indictment refers to Joffe as “Technology Executive 1”, but his identity has been confirmed by the NYT and others.

Sussman’s evidence in part comprised DNS data supplied by Joffe and analyzed by himself and other researchers, showing traffic between the domain mail1.trump-email.com and the Russian bank.

At the time, Neustar was a leading provider of domain registry services, but also a significant player in DNS resolution services, giving it access to huge amounts of data about domain queries.

“Tech Executive-1 [Joffe] used his access at multiple organizations to gather and mine public and non-public Internet data regarding Trump and his associates, with the goal of creating a ‘narrative’ regarding the candidate’s ties to Russia,” the indictment claims.

According to the indictment, Joffe had been offered a job in the Clinton administration. He allegedly wrote, shortly after the November 2016 election: “I was tentatively offered the top [cybersecurity] job by the Democrats when it looked like they’d win. I definitely would not take the job under Trump.”

The researchers — which also included employees of the Georgia Institute of Technology, ​Fusion GPS, and Zetalytics, according to the NYT — sought to create a case for a connection between Trump and the Russian government while privately expressing doubts that their conclusions would stand up to third-party scrutiny, the indictment claims.

The suspicions were briefed to the media by Sussman and the Clinton campaign, the indictment says, and widely reported prior to the election.

When the FBI investigated the alleged links, it concluded the suspicious traffic was benign and caused by the activities of a third-party marketing firm, according to reports.

As I said, it is not alleged that Joffe broke the law, and his people say the indictment is, as you might expect from an indictment, one-sided.

Still, it’s a very interesting, and possibly worrying, insight into how companies like Neustar and their employees are able to leverage DNS resolution data for their own private purposes.

The full indictment, which uses pseudonyms for most of the people said to be involved in the research, can be read here (pdf). The New York Times story, which reveals many of these identities, can be read here (paywall).

While Neustar’s registry business was acquired last year by GoDaddy, it appears that Joffe did not make the move and instead stayed with Neustar. His LinkedIn profile showed he “retired” at some point in the last few weeks, after 15 years with the company.

Donuts’ drop-catching service not anti-competitive, ICANN says

Kevin Murphy, September 29, 2021, Domain Registries

Donuts’ proposed DropZone service, which could see the registry start charging drop-catchers additional fees, is not anti-competitive, according to ICANN.

The service “does not raise any competition concerns”, ICANN VP Russ Weinstein said in a letter to registrar TurnCommerce, the company behind DropCatch.com.

He was responding to TurnCommerce’s concern that DropZone would allow Donuts to charge unlimited extra fees to register expiring names, while giving an advantage to its in-house registrars.

But Weinstein wrote (pdf):

The information received in the Dropzone RSEP request was thoroughly evaluated pursuant to our process, which included consideration of the matters raised in your letter. ICANN org determined that the Dropzone service as submitted by Donuts Inc. on behalf of [Donuts subsidiaries] Binky Moon, LLC and Dog Beach, LLC does not raise any competition concerns requiring ICANN org to refer either RSEP to a relevant competition authority.

DropZone would see Donuts handle its dropping names on a parallel registry system that registrars would have to obtain separate access to. Its Registry Service Evaluation Process request raises the prospect of new fees for such access.

Hold on to your stats! ShortDot gets two gTLDs approved in China

Kevin Murphy, September 28, 2021, Domain Registries

ShortDot, which makes a business repurposing unwanted gTLDs for the budget end of the market, said today it has had two more horses in its stable approved for use in China.

The company said that .bond and .cyou have been given the necessary nods by Chinese authorities.

What this could mean, if history is any guide, is a sharp increase in sales for the two extensions, possibly to the extent that they materially affect overall domain industry volume stats for the next few years.

ShortDot seems to think so, saying in a press release: “Given the massive success of .icu in China, it is quite clear that .bond and .cyou will follow suit to become largely successful.”

.icu currently has about 600,000 names under management, more than half of which are registered via Chinese registrars. Its numbers are on their way down.

At its peak 18 months ago it had more than 10 times as many, about 6.6 million, due to its low pricing and popularity among Chinese speculators.

The sudden rise and wholly predictable precipitous fall of .icu has been messing with overall new gTLD industry stats for the last couple of years. No volume analysis is complete without a .icu-related asterisk.

It’s by no means assured that the same will be true of .cyou and .bond of course.

.cyou, which was originally a dot-brand matching the ticker symbol of a Chinese company, had 118,000 names under management at the end of May and 136,000 in its zone file yesterday.

Names in .cyou can be had for $2 at Namecheap and NameSilo, its top two registrars, which together hold over 70% of the market.

.bond, originally an Australian university’s dot-brand, has fewer than 5,000 names at the last count and retails for about $55 retail at the low end.

CentralNic spends $6.5 million on traffic network

Kevin Murphy, September 28, 2021, Domain Registries

CentralNic this morning said it has paid $6.5 million to acquire “a publishing network of revenue generating websites”.

The company, which is seeing an increasingly large chunk of its revenue coming from domain monetization, said the network generates $2 million in annual revenue and $1.5 million in earnings.

The seller is White & Case, a 120-year-old international law firm, not exactly the kind of company you’d expect to own a bunch of random monetized domains.

Neither the size of the network nor the means of monetization were disclosed.

CentralNic said the network was already a customer for roughly half of its sites, so the acquisition will add about $1 million to revenue and $1.5 million to earnings, reducing annual cost of revenue by about $500,000.

While the company is best know for selling domain names, following recent acquisitions revenue from its fast-growing “online marketing” segment outpaced its traditional revenue sources, bringing in $96.4 million in the first half compared to $78.3 million in it two domain-related segments.

Nothing but losses ahead for MMX

Kevin Murphy, September 27, 2021, Domain Registries

Former new gTLD registry MMX has delivered its latest set of financial results and warned that, without any operating business, it will be loss-making for the foreseeable future.

The company today reported a first-half loss of $783,000, compared to a loss of $1.25 million in the year-ago period.

That’s calculated from its ongoing operations, which since the $120 million sale of its registry business to GoDaddy comprises no revenue-generating activities but substantial costs keeping the company running and maintaining its listing on the AIM stock market.

Profit from discontinued operations was $3.38 million, compared to $2.68 million.

It still has small “RSP” business, providing non-technical back-office management services to a few former gTLD partners, but this will be wound down or sold off.

CEO Tony Farrow said in a statement:

We are now in the process of delivering the transition services agreed with GoDaddy Registry and disposing of, or otherwise winding down, our RSP Business. Whilst the transition services are being provided on a cost recovery basis, the Company’s ongoing administrative and other public company costs will result in operating losses for the Group going forward.

When the winding down of existing businesses is done, MMX will look for acquisition opportunities or act as a vessel for a reverse takeover.

It’s currently returning $80 million of its GoDaddy cash to investors with a buyback, but this is not enough to clear all of its shares.

Afilias appeals .web ruling, Verisign responds with “rigging” claims

Kevin Murphy, September 27, 2021, Domain Registries

Afilias has filed an unusual and unprecedented appeal against the May ruling that found ICANN broke its bylaws by awarding the .web gTLD to a Verisign affiliate.

The company is arguing that the Independent Review Process panel that decided the .web case shirked its duties, by not actually resolving the major disputes placed before it.

Verisign, in response, has accused Afilias of asking for a “do-over”, which it said is against the rules, and published information it said showed the company had tried to “rig” the .web auction.

The IRP followed the 2015 ICANN last-resort auction, which saw Verisign secretly fund a shell applicant called Nu Dot Co to win with a $135 million bid, on the basis .web would later be transferred to its custody.

Afilias was the runner-up, and argued that ICANN should have voided the NDC bid because Verisign’s involvement was not disclosed.

But the IRP panel merely found that ICANN had breached its bylaws by failing to have the courage to actually rule on the legitimacy of Verisign’s tactics, and threw it back to ICANN to make a decision.

ICANN has yet to make that decision. Instead, Afilias has filed an appeal (pdf) with the in the form of an “application for an additional decision and interpretation”.

IRP cases are handled by the International Center for Dispute Resolution, and Afilias is invoking the ICDR Arbitration Rules that allow a claimant to request an “interpretation” or “additional award” from the original decision:

By failing to resolve all of the claims and issues Afilias presented to the Panel for decision, the Panel has not only failed to satisfy its mandate; it has also undermined the very Purposes of the IRP (as set out in Section 4.3(a) of the Bylaws)—especially, but not exclusively, by its decision to refer Afilias# claim arising from Nu Dot Co’s (“NDC”) violation of the New gTLD Program Rules back to the ICANN Board and Staff to “pronounce” upon “in the first instance.”

The lengthy request is, I believe, an unprecedented attempt at an appeal of an IRP ruling. It’s also heavy on the legal arguments and does not really shed much light on the facts of the case.

The gist of it is that Afilias wants the panel to rule that ICANN breached its bylaws, new gTLD program rules and international law by failing to disqualify NDC and awarding .web to Afilias instead.

Verisign, in response, said in a blog post that Afilas’ application is “not permitted by the arbitration rules – which expressly prohibit such requests for ‘do overs.'”

It also published a letter (pdf) from NDC to ICANN in which it argues that Afilias tried to engage in a “collusive scheme” to “rig” the .web auction.

The letter contains many pages of private correspondence — emails and phone text messages — in which rival .web applicants, before Verisign’s involvement had been confirmed, fruitlessly attempted to persuade NDC to join them in a private auction in which the winning bid would have been shared among the losers rather than all going to ICANN.

While this kind of private settlement was envisaged, and indeed encouraged, by new gTLD program rules, Verisign reckons its smoking gun is messages sent by Afilias during the so-called “blackout period” before the last-resort auction, during which communications between applicants were forbidden.

As far as I can tell, all or almost all of the documents provided by NDC to ICANN had already been submitted to the public record during the IRP.

Note — the “Afilias” referred to throughout this post is the portion of the company, now known as Altanovo Domains, left behind after most of its operating businesses were acquired by Donuts late last year.

Dead dot-brands top 100. Here’s the list and breakdown

Kevin Murphy, September 22, 2021, Domain Registries

The list of dot-brand gTLDs that have had their ICANN registry contracts torn up has now topped 100.

SC Johnson, the big American cleaning products company, has informed the Org it no longer wishes to run .afamilycompany, .duck, .glade, .off, .raid, and .scjohnson.

Regular readers will know that I’ve been keeping a running tally of dot-brand terminations for the last several years, and according to that tally that number is now 101.

But it’s a bit more complex than that, so I thought I’d use the occasion of this milestone to provide a more substantial breakdown.

ICANN has records for 104 dot-brands either being terminated by ICANN or asking to be terminated of their own accord.

The number of registry-initiated termination requests is 90. These are typically gTLDs that were never used, or were experimented with and then abandoned. A smaller number relate to brands that were discontinued following mergers or product end-of-life, rendering the dot-brand pointless.

ICANN initiated the other 14 terminations, mostly because the registry operator got cold feet during the pre-delegation testing phase, before going live, but also in one instance for non-payment of fees and in two cases whatever the hell this is.

Six of the registry-initiated transfer requests were withdrawn before being fully processed. Of those, three (.boots, .mobily, and its Arabic translation) went on to be terminated anyway.

Two registries filed for self-termination then changed their minds and committed auto-genericide by selling their contracts — for .bond and .sbs — to discounting portfolio registry ShortDot instead.

One dot-brand, .case, withdrew its December 2020 termination request and appears to still be active.

Thirteen termination requests are currently in the system but have not yet been fully processed.

Five dot-brand gTLD contracts — .observer, .quest, .monster, .select, .compare — were sold to other registries to be repurposed as open generics. You could add .cyou to that list, depending on how you define a dot-brand.

One gTLD that was originally a generic — .moto — made the move in the other direction to become a dot-brand.

Here’s the list of dot-brands that have either requested a termination, or been terminated.

TLD/RegistryInitiated ByStatus
.active (Active Network, LLC)RegistryTerminated
.afamilycompany (Johnson Shareholdings, Inc.)RegistryPending
.africamagic (Electronic Media Network (Pty) Ltd)ICANNTerminated
.aigo (aigo Digital Technology Co, Ltd.)iCANNTerminated
.blanco (BLANCO GmbH + Co KG)RegistryTerminated
.bnl (Banca Nazionale del Lavoro)RegistryTerminated
.bond (Bond University Limited)RegistryWithdrawn
.boots (The Boots Company PLC)RegistryTerminated
.boots (The Boots Company PLC)RegistryTerminated
.cartier (Richemont DNS Inc.)RegistryTerminated
.case (CNH Industrial N.V.)RegistryWithdrawn
.caseih (CNH Industrial N.V.)RegistryTerminated
.ceb (The Corporate Executive Board Company)RegistryTerminated
.chloe (Richemont DNS Inc.)RegistryTerminated
.chrysler (FCA US LLC.)RegistryTerminated
.dabur (Dabur India LimitedRegistryPending
.dodge (FCA US LLC.)RegistryTerminated
.doha (Communications Regulatory Authority (CRA)RegistryTerminated
.DOOSAN (Doosan Corporation)RegistryTerminated
.dstv (MultiChoice (Proprietary) Limited)iCANNTerminated
.duck (Johnson Shareholdings, Inc.)RegistryPending
.duns (The Dun & Bradstreet Corporation)RegistryTerminated
.dwg (Autodesk, Inc.)RegistryTerminated
.emerson (Emerson Electric Co.)RegistryTerminated
.epost (Deutsche Post AG)RegistryTerminated
.esurance (Esurance Insurance Company)RegistryTerminated
.everbank (EverBank)RegistryTerminated
.FLSMIDTH (FLSmidth A/S)RegistryTerminated
.fujixerox (Xerox DNHC LLC)RegistryTerminated
.glade (Johnson Shareholdings, Inc.)RegistryPending
.goodhands (Allstate Fire and Casualty Insurance Company)RegistryTerminated
.gotv (MultiChoice (Proprietary) Limited)iCANNTerminated
.honeywell (Honeywell GTLD LLC)RegistryTerminated
.htc (HTC Corporation)RegistryTerminated
.iinet (Connect West Pty)RegistryTerminated
.intel (Intel Corporation)RegistryTerminated
.iselect (iSelect Ltd)RegistryTerminated
.iveco (CNH Industrial N.V.)RegistryTerminated
.iwc (Richemont DNS Inc.)RegistryTerminated
.jcp (JCP Media, Inc.)RegistryTerminated
.jlc (Richemont DNS Inc.)RegistryTerminated
.kyknet (Electronic Media Network (Pty) Ltd)iCANNTerminated
.ladbrokes (Ladbrokes International PLC)RegistryTerminated
.lancome (L'Oréal)RegistryTerminated
.liaison (Liaison Technologies, Incorporated)RegistryTerminated
.lixil (LIXIL Group Corporation)RegistryPending
.lupin (Lupin Limited)RegistryTerminated
.mcd (McDonald's Corporation)RegistryTerminated
.mcdonalds (McDonald's Corporation)RegistryTerminated
.meo (MEO Servicos de Comunicacoes e Multimedia, S.A.)RegistryTerminated
.metlife (MetLife Services and Solutions, LLC)RegistryTerminated
.mnet (Electronic Media Network (Pty) Ltd)iCANNTerminated
.mobily (GreenTech Consultancy Company W.L.L.)RegistryWithdrawn
.mobily (GreenTech Consultancy W.L.L.)iCANNTerminated
.montblanc (Richemont DNS Inc.)RegistryTerminated
.mopar (FCA US LLC.)RegistryTerminated
.movistar (Telefónica S.A.)RegistryTerminated
.mtpc (Mitsubishi Tanabe Pharma Corporation)RegistryTerminated
.multichoice (MultiChoice (Proprietary) Limited)iCANNTerminated
.mutuelle (Fédération Nationale de la Mutualité Française)RegistryTerminated
.mzansimagic (Electronic Media Network (Pty) Ltd)iCANNTerminated
.nadex (Nadex Domains, Inc.)RegistryTerminated
.naspers (Intelprop (Proprietary) Limited)iCANNTerminated
.nationwide (Nationwide Mutual Insurance Company)RegistryTerminated
.newholland (CNH Industrial N.V.)RegistryTerminated
.off (Johnson Shareholdings, Inc.)RegistryPending
.onyourside (Nationwide Mutual Insurance Company)RegistryTerminated
.orientexpress (Orient Express)RegistryTerminated
.pamperedchef (The Pampered Chef, Ltd.)RegistryTerminated
.panerai (Richemont DNS Inc.)RegistryTerminated
.payu (MIH PayU B.V.)iCANNTerminated
.piaget (Richemont DNS Inc.)RegistryTerminated
.qvc (QVC, Inc)RegistryPending
.raid (Johnson Shareholdings, Inc.)RegistryPending
.rightathome (Johnson Shareholdings, Inc.)RegistryTerminated
.rmit (Royal Melbourne Institute of Technology)RegistryPending
.sapo (MEO Servicos de Comunicacoes e Multimedia, S.A.)RegistryTerminated
.sbs (SPECIAL BROADCASTING SERVICE CORPORATION)RegistryWithdrawn
.scjohnson (Johnson Shareholdings, Inc.)RegistryPending
.scor (SCOR SE)RegistryTerminated
.shriram (Shriram Capital Ltd.)RegistryTerminated
.spiegel (SPIEGEL-Verlag Rudolf Augstein GmbH & Co. KG)RegistryTerminated
.srt (FCA US LLC.)RegistryTerminated
.starhub (StarHub Ltd)RegistryTerminated
.statoil (Statoil ASA)RegistryTerminated
.supersport (SuperSport International Holdings Proprietary Limited)iCANNTerminated
.swiftcover (Swiftcover Insurance Services Limited)RegistryPending
.symantec (Symantec Corporation)RegistryTerminated
.telecity (TelecityGroup International Limited)RegistryTerminated
.telefonica (Telefónica S.A.)RegistryTerminated
.theguardian (Guardian News And Media Limited)iCANNTerminated
.uconnect (FCA US LLC.)RegistryTerminated
.vista (Vistaprint Limited)RegistryTerminated
.vistaprint (Vistaprint Limited)RegistryTerminated
.warman (Weir Group IP Limited)RegistryTerminated
.xperia (Sony Mobile Communications AB)RegistryTerminated
.zippo (Zadco Company)RegistryTerminated
xn--3oq18vl8pn36a (Volkswagen (China) Investment Co., Ltd.)RegistryPending
xn--estv75g (Industrial and Commercial Bank of China Limited)RegistryTerminated
xn--kpu716f (Richemont DNS Inc.)RegistryTerminated
xn--mgbb9fbpob (GreenTech Consultancy Company W.L.L.)RegistryWithdrawn
xn--mgbb9fbpob (GreenTech Consultancy W.L.L.)iCANNTerminated
xn--pbt977c (Richemont DNS Inc.)RegistryTerminated
xn—4gq48lf9j Wal-Mart Stores, Inc.RegistryTerminated

Volkswagen drives IDN dot-brand off a cliff

Kevin Murphy, September 13, 2021, Domain Registries

Volkwagen has decided it no longer wishes to run its Chinese-script dot-brand gTLD.

The car-maker’s Chinese arm has asked ICANN to terminate its contract for .大众汽车 (.xn--3oq18vl8pn36a), which has been in the root for five years.

It’s the standard terminating dot-brand story — the gTLD was never used and VW evidently decided it wasn’t needed.

The company also runs .volkswagen, and that’s not used either, but ICANN has yet to publish termination papers for that particular string.

Fellow German car-maker Audi is one of the most prolific users of dot-brands. Its .audi gTLD has over 1,800 registered domains, most of which appear to be used by its licensed dealerships.

.volkwagen is the 95th terminated dot-brand and the seventh terminated internationalized domain name gTLD.

France gets more domain takedown powers

Kevin Murphy, September 13, 2021, Domain Registries

Afnic, the French ccTLD registry, has updated its policies to make it easier for the government to take down .fr domain names, and has banned names that could be used for government-related phishing.

The company has incorporated provisions of a 2020 national law that allows the General Directorate for Competition Policy, Consumer Affairs and Fraud Control to instruct the registry to suspend domains believed to be used in fraud.

It sounds similar to the set-up in the neighboring UK, where consumer protection agencies have a deal with Nominet to take down domains used for things like counterfeiting and piracy.

Afnic has also banned all domains where the second-level string ends in “-gouv”.

In France, official government domains end in .gouv.fr, but fraudsters could register the similar-looking -gouv.fr to trick citizens into thinking they were visiting a legit government web site. Not any more.