Recent Posts
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
- ICANN picks Istanbul for 2024 meeting
- ICANN’s private Whois data request service goes live
- .au regs slide on 2LD anniversary
- ICANN accused of power grab over $271 million auction fund
- A registrar is getting blamed for an Israeli war propaganda site
- Two more dot-brands bite the dust
- Google sells five-figure AI domain and six-figure .ing hack
- .blackfriday is still a bit rubbish
- Internet Naming Co acquires five more gTLDs
Domain universe grows almost 1% in 2017 despite new gTLD slump
The total number of registered domain names in all TLDs was up 0.9% in 2017, despite a third-quarter dip, according to the latest data compiled by Verisign.
The latest Domain Name Industry Brief, published yesterday, shows that there were 332.4 million domains registered at the end of the year.
That’s up by 1.7 million names (0.5%) on the third quarter and up 3.1 million names (0.9%) on 2016.
Growth is growth, but when you consider that 2015-2016 growth was 6.8%, under 1% appears feeble.
The drag factors in 2017 were of course the 2012-round new gTLDs and Verisign’s own .net, offset by increases in .com and ccTLDs.
New gTLD domains were 20.6 million at the end of the year, down by about 500,000 compared to the third quarter and five million names compared to 2016.
As a percentage of overall registrations, new gTLDs dropped from 7.8% at the end of 2016 to 6.2%.
The top 10 new gTLDs now account for under 50% of new gTLD regs for the first time.
The numbers were primarily affected by big declines in high-volume spaces such as .xyz, which caused the domain universe to actually shrink in Q3.
Verisign’s own .com fared better, as usual, with .net suffering a decline.
The year ended with 131.9 million .com names, up by five million names on the year, exactly offsetting the shrinkage in new gTLDs.
But .net ended up with 14.5 million names, a 800,000 drop on 2016.
In the ccTLD world, total regs were up 1.4 million (1%) quarterly and 3.4 million (2.4%) annually.
Excluding wild-card ccTLD .tk, which never deletes domains and for which data for 2017 was not available to Verisign, the growth was a more modest 0.7 million (0.5%) quarterly and 2.3 million (1.8%) annually.
The DNIB report for Q4 2017 can be downloaded here (pdf).
CentralNic spends $3.3 million on .com portfolios
CentralNic has splashed out £2.5 million ($3.3 million) to bolster its portfolio of domain names for the secondary market.
The company said in a brief statement today that it acquired an unspecified number of domains across “a number of portfolios”. The sellers were not disclosed.
The names were all in .com.
CEO Ben Crawford said the names were acquired “at an attractive discount to current market rates”.
The deals mean London-listed CentralNic might be able to continue to prop up its recurring revenue (registry/registrar) numbers through the sale of premium names, something it still needs to do if it wants to show investors a pleasing growth curve.
That’s assuming it can sell the names at a profit, of course.
Some call this the premium domain “hamster wheel”.
Namecheap to bring millions of domains in-house next week
Namecheap is finally bringing its customer base over to its own ICANN accreditation.
The registrar will next week accept transfer of an estimated 3.2 million .com and .net domains from Enom, following a court ruling forcing Enom owner Tucows to let go of the names.
The migration will happen from January 8 to January 12, Namecheap said in a blog post today.
Namecheap is one of the largest registrars in the industry, but historically it mostly acted as an Enom reseller. Every domain it sold showed up in official reports as an Enom sale.
While it’s been using its own ICANN accreditation to sell gTLD names since around 2015 — and has around four million names on its own credentials — it still had a substantial portion of its customer base on the Enom ticker.
After the two companies’ arrangement came to an end, and Enom was acquired by Tucows, Namecheap decided to also consolidate its .com/.net names under its own accreditation.
After Tucows balked at a bulk transfer, Namecheap sued, and a court ruled in December that Tucows must consent to the transfer.
Now, Namecheap says all .com and .net names registered before January 2017 or transferred in before November 2017 will be migrated.
There may be some downtime as the transition goes through, the company warned.
ICANN punts o.com auction to US watchdogs
Verisign’s proposed auction of the domain o.com might have a negative effect on competition and has been referred to US regulators.
That’s according to ICANN’s response to the .com registry’s request to release the domain, which is among the 23 single-letter domains currently reserved under the terms of its contract.
ICANN has determined that the release “might raise significant competition issues” and has therefore been referred to “to the appropriate governmental competition authority”.
It’s forwarded Verisign’s request to the US Department of Justice.
Verisign late last month asked ICANN if it could release o.com to auction as a test that could presumably lead to other single-character .com names being released in future.
The plan is for a charity auction, in which almost all the proceeds are donated to internet-related good causes.
Only the company running the auction would make any significant money; Verisign would just take its standard $7.85 annual fee.
ICANN told the company that it could find no technical reason that the release could not go ahead.
The only barrier is the fact that Verisign arguably has government-approved, cash-printing, market dominance and is therefore in a sensitive political position.
Whether its profitless plan will be enough to see the auction given the nod remains to be seen.
A certain bidder in the proposed auction would be Overstock.com, the online retailer, which has been pressuring ICANN and Verisign for the release of O.com for well over a decade and even owns trademarks covering the domain.
Disclosure: several years ago I briefly provided some consulting/writing services to a third party in support of the Verisign and Overstock positions on the release of single-character domain names, but I have no current financial interest in the matter.
Verisign wants to auction off O.com for charity
The internet could soon gets just its fourth active single-character .com domain name, after Verisign revealed plans to auction off o.com for charity.
The company has asked ICANN to allow it to release just one of the 23 remaining one-letter .com domains, which are currently reserved under the terms of the .com registry agreement.
It’s basically a proof of concept that would lead to this contractual restriction being lifted entirely.
O.com has been picked as the guinea pig, because of “long-standing interest” in the domain, according to Verisign.
Overstock.com, the $1.8 billion-a-year US retailer, is known to have huge interest in the name.
The company acquired o.co from .CO Internet for $350,000 during the ccTLD’s 2010 relaunch, then embarked upon a disastrous rebranding campaign that ended when the company estimated it was losing 61% of its type-in traffic to o.com.
Overstock has obsessed over its unobtainable prize for over a decade and would almost certainly be involved in any auction for the domain.
In fact, I wouldn’t be surprised to discover that Overstock pressured Verisign into requesting the release of o.com.
Despite the seven or eight figures that a single-letter .com domain could fetch, Verisign’s cut of the auction proceeds would be just $7.85, its base registry fee.
Regardless, it has a payment schedule in mind that would see the winning bidder continue to pay premium renewal fees for 25 years, eventually doubling the sale price.
The winner would pay their winning bid immediately and get a five-year registration, but then would have to pay 5% of that bid to renew the domain for years six through 25.
In other words, if the winning bid was $1 million, the annual renewal fee after the first five years would be $50,000 and the total amount paid would eventually be $2 million.
All of this money, apart from the auction provider’s cut, would go to a trust that would distribute the funds to internet-focused non-profit organizations, such as those promoting security or open protocols.
There’s also a clause that would seem to discourage domain investors from bidding. The only way to transfer the domain would be if the buyer was acquired entirely, though this could be presumably circumvented with the use of a shell company.
It’s an elaborate auction plan, befitting of the fact that one-character .com domains are super rare.
Only x.com, q.com and z.com are currently registered and it’s Verisign policy to reserve them in the unlikely event they should ever expire.
Billionaire entrepreneur Elon Musk this July reacquired x.com, the domain he used to launch PayPal in the 1990s, back from PayPal for an undisclosed sum.
Z.com was acquired by GMO Internet for $6.8 million in 2014.
Single-character domains are typically not reserved in the ICANN contracts of other gTLDs, whether pre- or post-2012, though it’s standard practice for the registry to reserve them for auction anyway.
Verisign’s reservations in .com and .net are a legacy of IANA policy, pre-ICANN and have been generally considered technically unnecessary for some years.
Still, there’s been a reluctance to simply hand Verisign, already a money-printing machine through accident of history, another windfall of potentially hundreds of millions of dollars by allowing it to sell off the names for profit. Hence the elaborate plan with the O.com trust fund.
The proposal to release O.com requires a contractual amendment, so Verisign has filed a Registry Services Evaluation Process request (pdf) with ICANN that is now open for public comment.
As a matter of disclosure: several years ago I briefly provided some consulting/writing services to a third party in support of the Verisign and Overstock positions on the release of single-character domain names, but I have no current financial interest in the matter.
Verisign launches name-spinner tool for if you really, really need a .com
Verisign has launched a new name-spinning tool, designed to help new businesses find relevant domain names in Verisign-managed TLDs.
It’s called NameStudio. Verisign said:
NameStudio can deliver relevant .com and .net domain name suggestions based on popular keywords, trending news topics and semantic relevance. Pulling from multiple and diverse data sources, the service can identify the context of a word, break search terms apart into logical combinations and quickly return results. It can also distinguish personal names from other keywords and use machine-learning algorithms that get smarter over time.
The machine-learning component may come in handy, based on my non-scientific, purely subjective messing around at the weekend.
I searched for “london pubs”, a subject close to my heart. Naturally enough, londonpubs.com is not available, but the suggestions were not what you’d call helpful.
As you can see, the closest match to London it could find was “Falkirk”, a town 400 miles away in Scotland. The column is filled with the names of British towns and cities, so the tool clearly knows what London is, even if its suggestions are not particularly useful for a London-oriented web site.
The closest match to “pubs” was “cichlids”, which Google reliably informs me is a type of fish. “ComicCon” (a famous trademark), “barbarians” and a bunch of sports, dog breeds and so on feature highly on its list of suggestions.
NameStudio obviously does not know what a “pub” is, but it’s not a particularly common word in most of Verisign’s native USA, so I tried “london bars” instead. The results there were a little more encouraging.
Again, Falkirk topped the list of London alternatives, a list that this time also prominently included the names of Australian cities.
On the “bars” column, suggestions such as “parties”, “stags” and “nights” suggests that NameStudio has a notion what I’m looking for, but the top suggestion is still “birthdays”.
I should note that the service also suggests prefixes such as “my” and “free” and suffixes such as “online” or “inc”, so if you have your heart set on a .com domain you’ll probably be able to find something containing your chosen keywords.
The domains alllondonpubs.com and alllondonbars.com were probably the best available alternatives I could find. For my hypothetical London-based pub directory/blog web site, they’re not terrible choices.
I also searched NameStudio for “domain blog”, another subject close to my heart.
The top three suggestions in the “domain” column were “pagerank”, “websites” and “query”. Potentially relevant. Certainly some are in the right ball-park. Let’s ignore that “pagerank” is a Google trademark that nobody really talks about much any more.
The top suggestions to replace “blog” were “infographic”, “snippets” and “rumor”. Again, right ball-park, but my best bet still appears to be adding a prefix or suffix to my original keywords.
I tried a few more super-premium one-word keywords too.
The best suggestion for “vodka” was “dogvodka.com”. For “attorney”, it was “funattorney.com”. For “insurance”, there were literally no available suggestions.
Currently — and to be fair the tool just launched last week — you’re probably better off looking at other name suggestion tools.
NameStudio does not appear to currently suggest domains that are listed for sale on the aftermarket. I expect that’s a feature addition that could come in future.
But possibly the main problem with the tool appears to be that it currently only looks for available names in .com, .net, .tv or .cc.
Repeating my “london pubs” search with GoDaddy and DomainsBot, which each support hundreds more TLDs, produced arguably superior results.
They’re only superior, of course, if you consider your chosen keywords, and the brevity of your domain, more important than your choice of TLD. For some people, a .com at the end of the domain will always be the primary consideration, and perhaps those people are Verisign’s target market.
Verisign and Afilias testing Whois killer
Verisign and Afilias have become the first two gTLD registries to start publicly testing a replacement for Whois.
Both companies have this week started piloting implementations of RDAP, the Registration Data Access Protocol, which is expected to usurp the decades-old Whois protocol before long.
Both pilots are in their very early stages and designed for a technical audience, so don’t expect your socks to be blown off.
The Verisign pilot offers a web-based, URL-based or command-line interface for querying registration records.
The output, by design, is in JSON format. This makes it easier for software to parse but it’s not currently very easy on the human eye.
To make it slightly more legible, you can install a JSON formatter browser extension, which are freely available for Chrome.
Afilias’ pilot is similar but does not currently have a friendly web interface.
Both pilots have rudimentary support for searching using wildcards, albeit with truncated result sets.
The two new pilots only currently cover Verisign’s .com and .net registries and Afilias’ .info.
While two other companies have notified ICANN that they intend to run RDAP pilots, these are the first two to go live.
It’s pretty much inevitable at this point that RDAP is going to replace Whois relatively soon.
Not only has ICANN has been practically champing at the bit to get RDAP compliance into its registry/registrar contracts, but it seems like the protocol could simplify the process of complying with incoming European Union privacy legislation.
RDAP helps standardize access control, meaning certain data fields might be restricted to certain classes of user. Cops and IP enforcers could get access to more Whois data than the average blogger or domainer, in other words.
As it happens, it’s highly possible that this kind of stratified Whois is something that will be legally mandated by the EU General Data Protection Regulation, which comes into effect next May.
Forget emojis, you can buy Egyptian hieroglyph .com domains
Call them the Emojis of the Ancient World.
Egyptian hieroglyphs were once the cutting edge of written communication, and it turns out Verisign lets you register .com domains using them.
Internationalized domain names expert Andre Schapp discovered a couple months ago that the Unicode code points for the ancient script have been approved in 16 Verisign gTLDs, and apparently no others.
This means that domains such as 
should resolve.
Unfortunately, DI’s database does not support these characters, so I’m having to use images.
But at least one domain investor seems have snapped up a few dozen single-pictograph Egyptian hieroglyph names about a month ago, and his page has clickable links.
Whether you see the hieroglyph or the Punycode, prefixed “xn--“, seems to depend on your browser configuration.
Ancient Egyptian is apparently not the only dead script that Verisign supports.
According to IANA, you can also get .com domains in Sumero-Akkadian cuneiform, which went out of fashion in the second century CE, as well Phoenician, the world’s oldest known script.
Then there’s Imperial Aramaic, Meitei, Kharosthi, ‘Phags-pa, Sylheti Nagari and goodness knows how many other extinct writing systems.
It seems .com has been approved for 237 IDN scripts, in total. Let it not be said that Verisign does not offer domainers ample opportunity to spunk their cash on gibberish.
No Klingon, though.
How .com became a restricted TLD
Verisign has been given approval to start restricting who can and cannot register .com and .net domain names in various countries.
Customers of Chinese registrars are the first to be affected by the change to the registry’s back-end system, which was made last year.
ICANN last week gave Verisign a “free to deploy” notice for a new “Verification Code Extension” system that enables the company to stop domains registered via selected registrars from resolving unless the registrant’s identity has been verified and the name is not on China’s banned list.
It appears to be the system Verisign deployed in order to receive its Chinese government license to operate in China.
Under Verification Code Extension, Verisign uses ICANN records to identify which registrars are based in countries that have governmental restrictions. I believe China is currently the only affected country.
Those registrars are able to register domains normally, but Verisign will prevent the names from resolving (placing them in serverHold status and keeping them out of the zone file) unless the registration is accompanied by a verification code.
These codes are distributed to the affected registrars by at least two verification service providers. Verisign, in response to DI questions, declined to name them.
Under its “free to deploy” agreement with ICANN (pdf), Verisign is unable to offer verification services itself. It must use third parties.
The company added the functionality to its .com and .net registry as an option in February 2016, according to ICANN records. It seems to have been implemented last July.
A Verisign spokesperson said the company “has implemented” the system.
The Verification Code Extension — technically, it’s an extension to the EPP protocol pretty much all registries use — was outlined in a Registry Services Evaluation Process request (pdf) last May, and approved by ICANN not long after.
Verisign was approved to operate in China last August in the first wave of gTLD registries to obtain government licenses.
Under Chinese regulations, domain names registered in TLDs not approved by the government may not resolve. Registrars are obliged to verify the identities of their registrants and names containing certain sensitive terms are not permitted.
Other gTLDs, including .vip, .club, .xyz .site and .shop have been granted approval over the last few months.
Some have chosen to work with registration gateway providers in China to comply with the local rules.
Apart from XYZ.com and Verisign, no registry has sought ICANN approval for their particular implementation of Chinese law.
Because Chinese influence over ICANN is a politically sensitive issue right now, it should be pointed out that the Verification Code Extension is not something that ICANN came up with in response to Chinese demands.
Rather, it’s something Verisign came up with in response to Chinese market realities. ICANN has merely rubber-stamped a service requested by Verisign.
This, in other words, is a case of China flexing market muscle, not political muscle. Verisign, like many other gTLD registries, is over-exposed to the Chinese market.
It should also be pointed out for avoidance of doubt that the Chinese restrictions do not apply to customers of non-Chinese registrars.
However, it appears that Verisign now has a mechanism baked into its .com and .net registries that would make it much easier to implement .com restrictions that other governments might choose to put into their own legislation in future.
Phishing in new gTLDs up 1,000% but .com still the worst
The .com domain is still the runaway leader TLD for phishing, with new gTLDs still being used for a tiny minority of attacks, according to new research.
.com domains accounted for 51% of all phishing in 2016, despite only having 48% of the domains in the “general population”, according to the 2017 Phishing Trends & Intelligence Report
from security outfit PhishLabs.
But new gTLDs accounted for just 2% of attacks, despite separate research showing they have about 8% of the market.
New gTLDs saw a 1,000% increase in attacks on 2015, the report states.
The statistics are based on PhishLabs’ analysis of nearly one million phishing sites discovered over the course of the year and include domains that have been compromised, rather than registered, by attackers.
The company said:
Although the .COM top-level domain (TLD) was associated with more than half of all phishing sites in 2016, new generic TLDs are becoming a more popular option for phishing because they are low cost and can be used to create convincing phishing domains.
…
There are a few reasons new gTLDs are gaining traction in the phishing ecosystem. For one, some new gTLDs are incredibly cheap to register and may be an inexpensive option for phishers who want to have more control over their infrastructure than they would with a compromised website. Secondly, phishers can use some of the newly developed gTLDs to create websites that appear to be more legitimate to potential victims.
Indeed, the cheapest new gTLDs are among the worst for phishing — .top, .xyz, .online, .club, .website, .link, .space, .site, .win and .support — according to the report.
But the numbers show that new gTLDs are significantly under-represented in phishing attacks.
According to separate research from CENTR, there were 309.4 million domains in existence at the end of 2016, of which about 25 million (8%) were new gTLDs.
Yet PhishLabs reports that new gTLD domains were used for only about 2% of attacks.
CENTR statistics have .com with a 40% share of the global domain market, with PhishLabs saying that .com is used in 51% of attacks.
The difference in the market share statistics between the two sets of research is likely due to the fact that CENTR excludes .tk from its numbers.
Again, because PhishLabs counts hacked sites — in fact it says the “vast majority” were hacked — we should probably exercise caution before attributing blame to registries.
But PhishLabs said in its report:
When we see a TLD that is over-represented among phishing sites compared to the general population, it may be an indication that it is more apt to being used by phishers to maliciously register domains for the purposes of hosting phishing content. Some TLDs that met these criteria in 2016 included .COM, .BR, .CL, .TK, .CF, .ML, and .VE.
By far the worst ccTLD for phishing was Brazil’s .br, with 6% of the total, according to the report.
Also notable were .uk, .ru, .au, .pl, and .in, each with about 2% of the total, PhishLabs said.
Recent Comments