Latest news of the domain name industry

Recent Posts

153 registrars fingered for ICANN security probe

Kevin Murphy, January 18, 2021, Domain Registrars

Registrars will be asked to account for abusive domain names found on their services, under a new ICANN security audit.

ICANN says it will soon send requests for information to 153 registrars, asking them to provide documentation showing how they dealt with domains used for distribution of malware or spam.

Registrars will get audited if more than five domains under their sponsorship showed up on a number of block-lists ICANN uses (SpamHaus and the like) during November 2020.

ICANN is spinning the number of affected registrars as a very small percentage of the accredited base, but it really isn’t.

It said that “only” 153 out of 2,380 accredited registrars are affected, apparently willfully ignoring the fact that well over 1,700 of these registrars are shell accreditations used for drop-catching and belonging to just two companies: Web.com and NameBright.

Domains never stick around at drop-catch shells for long, and abusive registrants typically aren’t buying expensive names on the aftermarket, they’re prowling the budget registrars for sub-dollar bargains and bulk-reg tools.

Up to a couple hundred or other accredited registrars have no or negligible domains under management. Several more are corporate registrars with no retail front-end.

So we’re really looking at “only” 153 out of 500 to 600 active retail registrars that saw the required level of abuse, a much higher percentage than would be ideal.

The audit is part of ICANN’s regular Contractual Compliance Audit Program, which seeks to determine whether any registrars or registries are in breach of their contractual obligations.

Under the 2013 Registrar Accreditation Agreement, registrars are obliged to document their responses to abuse reports, keep the data for two years, and hand it over to ICANN on demand.

ICANN hopes to finish the audit by the third quarter this year.

Net 4 India gets unwelcome Christmas gift from ICANN

Kevin Murphy, January 4, 2021, Domain Registrars

Struggling Indian registrar Net 4 India has been hit by its third notice of contract breach by ICANN, in a letter delivered Christmas Eve.

Net4 is on ICANN’s naughty list this time due to its alleged violations of ICANN’s transfer and expired domains policies. The breach notice is very similar to that delivered just two weeks earlier, concerning different domains.

ICANN reckons Net4, once India’s largest independent registrar, has in some cases been transferring domains to a partner registrar, OpenProvider, without the consent or knowledge of the registrant.

It’s been asking the company for records proving compliance, which Net4 has apparently not been providing. Therein lies the alleged breach.

Net4 has been persona non grata among many of its customers for several months, with complaints about billing and renewal failures, expirations, and a general lack of customer service availability compounded by the coronavirus pandemic.

The company has also been fighting an insolvency proceeding over millions of dollars in allegedly unpaid debts for years, which has been the subject of an ICANN breach notice for about 18 months.

The Christmas Eve breach notice gives Net4 until January 14 to turn over the relevant records or possibly face termination.

But that might prove moot — the December 10 notice had a deadline of December 31, so the wheels may already be in motion.

ICANN throws the book at Net4 over dodgy transfer claims

Kevin Murphy, December 15, 2020, Domain Registrars

Struggling Indian registrar Net 4 India has been slammed with a massive breach notice by ICANN, following claims of domain transfers failing or happening without the consent of the registrant.

ICANN also accuses the company, which is or was India’s largest independent registrar, of trying to bullshit its compliance staff about whether expired domains had been renewed or not.

According to ICANN, Net4 is in breach of the Registrar Accreditation Agreement on four counts, three of which relate to domain ownership records.

ICANN says the company isn’t operating a Whois service on the web or port 43, has failed to escrow its registration data on two recent occasions, and has failed to hand over registrant information upon ICANN’s request.

It’s also past due with its fees, ICANN says.

ICANN’s been dealing with complaints about Net4 for months, after the company’s customer service system appeared to break down in the wake of the coronavirus pandemic. Hundreds of customers have said their domains were unrenewable and that they were unable to transfer to another registrar.

In the latest breach notice — the first published breach notice against any registrar since February — ICANN names almost 200 domain names that have allegedly been held hostage at Net4, despite the registrant’s efforts to transfer out.

ICANN wants proof that registrants were given transfer authorization codes and that their domains were unlocked.

In a smaller number of cases, ICANN wants proof that domains were transferred to Net4 partner Openprovider, for which it acts as a reseller, with the consent of the registrants.

It also claims that Net4 has more than once tried to prove that a registrant renewed their expired name by supplying the registry’s expiration date instead of its own, to blag its way out of accusations that registrants were unable to renew.

ICANN also accuses the registrar of dragging its feet to address complaints:

Over the past few months, the number of complaints ICANN Contractual Compliance has received from [registered name holders], and authorized representatives, asserting that Net 4 India is exhibiting a pattern of non-response to domain transfer and renewal requests has steadily increased. While addressing the relevant compliance cases, Net 4 India’s responses to ICANN Contractual Compliance have also regularly been untimely and incomplete.

Net4 is now in the unprecedented position of being subject to two different breach notices simultaneously.

ICANN actually issued a suspension notice in June 2019, after noticing that Net4 had been in insolvency proceedings for two years — a debt recovery agency is trying to recover $28 million in unpaid debts.

But that suspension deadline was paused after talks with the “resolution professional” handling the insolvency case, for reasons ICANN’s been rather quiet about, and it remains on pause to this date.

The newest breach notice has a December 31 deadline on it. Unless Net4 turns on its Whois and hands over the reams of requested data by then, ICANN could terminate its contract.

Assuming the insolvency court allows it to, presumably.

ICANN finally addresses Net 4 India meltdown, but mysteries remain

Kevin Murphy, November 18, 2020, Domain Registrars

ICANN today made an effort to publicly address the hundreds of complaints that have recently been made about Net 4 India, India’s largest registrar, which has been in insolvency proceedings for over three years and recently started losing its customers’ domains.

In a lengthy blog post, ICANN confirmed that it received roughly 300 complaints about Net4 in August and September, when India was in coronavirus lockdown and the registrar’s customer service department was unable to cope with demand.

Many customers reported on social media and elsewhere that domains were expiring and transfers to third-party registrars were not possible.

ICANN said it had received over 400 complaints since it filed its first notice of suspension against Net4, which came about after ICANN learned of the insolvency proceedings, in June 2019. It says 74% have been resolved and it’s working on the remainder.

The post sets out customers’ options when it comes to filing complaints, which is complicated by the fact that Net4 also acts as a reseller for OpenProvider, which is not in the same financial difficulty.

ICANN’s says that it is closely monitoring Net4’s compliance with its Registrar Accreditation Agreement and has regular contact with the insolvency court where the company’s case is being heard.

What’s unclear is why the company has been permitted to continue to operate as an accredited registrar, despite its insolvency proceeding being a direct violation of the RAA. ICANN filed a suspension notice in June last year, but has postponed its effective date ever since.

While ICANN says it has not ruled out terminating Net4 and transferring its domains to another registrar, the reality may be that it is unable to do so.

In today’s post, ICANN says it “postponed the start date of the Suspension Period after considering information regarding the insolvency proceedings” provided by the court-appointed resolution professional.

Last month, during the ICANN 69 public forum, the org was asked by an Indian registrant what it was doing about Net4, and compliance chief Jamie Hedlund responded:

When they initially filed for insolvency, we attempted to suspend them and prevent them from being able to register new names. But unfortunately due to the insolvency, we were not able to do that.

It seems that a resolution professional appointed by a quasi-judicial Indian court has managed to trump ICANN’s powers under its Californian-law registrar contract.

Net4’s latest registry transaction reports show that it had 90,000 gTLD domains under management at the end of July. It’s bleeding thousands of domains every month. The company claims to have 400,000 customers in total.

The insolvency proceedings were initiated in 2017 by a debt-recovery agency called Edelweiss, which had acquired $28 million of debts Net4 owed the State Bank of India.

Is India’s largest registrar about to go titsup? And where the hell is ICANN?

Kevin Murphy, September 21, 2020, Domain Registrars

India’s largest independent domain name registrar appears to be “doing an AlpNames”, with many customers complaining about domains going dark, transfer codes not being issued, and customer support being unavailable for weeks.

Net 4 India, which claims to have 400,000 customers, has been in insolvency proceeds for over two years, but it’s only in the last couple months that the complaints have started piling up by the scores from disgruntled customers.

A major complaint is that renewals are not processed even after they are paid for, that transfer authcodes never arrive, that customer support never picks up the phone or replies to emails, and (occasionally) that the Net4 web site itself is down.

As we saw with AlpNames last year and RegisterFly back in the mists of time, These are all the warning signs of a registrar in trouble.

On its web site, Net4 prominently warns customers that its call centers are operating on a skeleton staff due to India’s coronavirus lockdown measures, which may account for the lack of support.

But there are reports that customers have visited the company’s offices in person to find them closed.

There’s been radio silence from the registrar. Even its Twitter account is private.

Many local commentators are pointing to the fact that Net4 is in protracted insolvency proceedings as the true underlying issue.

There have been calls for government intervention, action by .in registry NIXI, ICANN enforcement, and even the Indian equivalent of a class action lawsuit. This local cyber law blogger is all over it.

But what is ICANN doing about it?

Net4 was taken to a quasi-judicial insolvency court in 2017 by a debt-recovery company called Edelweiss over the rupee equivalent of about $28 million of unpaid loans from the State Bank of India.

ICANN has been aware of this fact since at least April 2019, when it started calling the registrar for an explanation.

Under the standard Registrar Accreditation Agreement, being in insolvency for over 30 days is grounds for unilateral termination by ICANN.

ICANN could terminate the agreement and transfer all of Net4’s gTLD domain names to a different registrar pretty much at will — all the registrant data is in escrow. This would not protect Net4’s many thousands of .in registrants of course.

ICANN suspended Net4’s RAA in June last year, but Net4 somehow managed to talk its way out of it. ICANN later rescinded the suspension on the proviso that the registrar provide monthly updates regarding its insolvency.

Net4’s cure period has been extended three times by ICANN. The latest expired July 31 this year.

At least one ICANN staffer is on the case, however. ICANN’s head of India Samiran Gupta has recently been reaching out to customers on Twitter, offering his email address and assistance getting in contact with Net4 staff, apparently with some success.

But Net4 had 95,000 gTLD names under management at the last count (though it’s been hemorrhaging thousands per month) so this individual approach won’t go very far.

Free domains registrar gets FOURTH breach notice

Kevin Murphy, April 21, 2020, Domain Registrars

OpenTLD, the company that offers free and at-cost domain names under the Freenom brand, has received its fourth public breach of contract notice from ICANN.

The alleged violation concerns a specific expired domain — tensportslive.net — which was until its expiration last November hosting a Pakistani cricket blog.

ICANN claims OpenTLD failed to hand over copies of expiration notices it sent to the former registrant of the name, which expired November 12, despite repeated requests.

The blogger seems to have been royally screwed over by this situation.

ICANN first started badgering OpenTLD for its records on December 23, presumably alerting the company to the fact that its customer had a problem, when the domain had expired but was still recoverable.

ICANN contacted the registrar four more times about the domain before February 1, when it dropped and was promptly snapped up by DropCatch.com.

The public breach notice (pdf) was published February 27. OpenTLD has apparently since provided ICANN with data, which is being reviewed.

But it’s the fourth time the registrar has found itself in serious trouble with ICANN.

It got a breach notice in March 2015 after failing to file compliance paperwork.

Later that year, ICANN summarily suspended its accreditation — freezing its ability to sell domains — after the Dutch company was found to have been cybersquatting rival registrars including Key-Systems and NetEarth in order to poach business away from them.

That suspension was fought in an unprecedented arbitration case, but ICANN won and suspended the accreditation again that August.

It got another breach notice in 2017 for failing to investigate Whois accuracy complaints, which ICANN refers to in its current complaint.

OpenTLD/Freenom is perhaps best known as the registry for a handful of African ccTLD and Tokelau’s .tk, which is the second-largest TLD after .com by volume of registered domains.

Its business model is to give the names away for free and then monetize them after they expire or are deleted for abuse. In the gTLD space, it says it offers domains at the wholesale cost.

According to SpamHaus, over a third of .tk domains it sees are abusive.

Registrar terminated after what looks like domain hijacking

Kevin Murphy, January 10, 2020, Domain Registrars

ICANN has canned its first registrar of the year.

Los Angeles-based World Biz Domains will be going out of bizness after ICANN terminated its registrar contract earlier this week, following its non-responsiveness to what appears to be case of domain hijacking.

It’s a nothing registrar, with fewer than 100 domains under management, but it once had over 5,000.

The termination comes following the suspension I blogged about in October, which was related to the transfers to World Biz of 15 potentially valuable domains in late 2018.

The names were all either short numerics or the names of famous places in Singapore and Malaysia.

ICANN spent most of last year demanding records showing that the transfers were legit, but was ghosted.

World Biz allegedly also had failed to deliver Whois records in the proper format, and was behind on its ICANN accreditation fees.

The company will lose its accreditation officially on January 22.

.whoswho survives!

Kevin Murphy, October 3, 2019, Domain Registries

The registry running the failing new gTLD .whoswho has managed to avoid having its contract terminated by ICANN.

According to an update on the ICANN web site, Who’s Who Registry came back into compliance with its obligations earlier this week, meaning it can continue operating.

It had been under a cloud of uncertainty since January, when ICANN Compliance sent off a breach notice saying the company was overdue with its $25,000-a-year fees.

Who’s Who originally had until a date in February to pay up, but this deadline has been extended repeatedly over the course of the year.

Registry CEO John McCabe had told ICANN last November that the fee is “onerous” and “the single largest item in .whoswho’s budget”.

ICANN later rejected his request for a fee reduction.

.whoswho, which seeks to replicate the once-popular biography compilation books of the same name, has fewer than 100 real registrations to its name, most of which appear to be defensive, despite being live for five years.

At about $70 a pop, that’s still not nearly enough to cover ICANN fees, never mind other operating costs.

It sold barely a dozen names in the first half of this year.

I thought it was a goner for sure.

But it looks like it’s been saved from the axe for now, so maybe there’s time to turn things around.

Registrar suspended over dodgy transfers

Kevin Murphy, October 1, 2019, Domain Registrars

ICANN has suspended a Los Angeles-based registrar after failing to get answers to its questions about a bunch of domain transfer.

World Biz Domains won’t be able to sell any gTLD domains, or accept transfers, from October 16 until January 13 next year. It will also have to post ICANN’s suspension notice on its home page.

Its crime? Failing to provide ICANN with records proving that the change of registrant requests for 15 potentially valuable domain names were legitimate.

ICANN has been badgering World Biz for these records since April, but says it was given the runaround.

The domains in question — 28.net, 68.net, 88.org, changi.com, tay.net, goh.net, koh.net, kuantan.com, yeong.com, merlion.org, og.net, raffles.net, sentosa.org, sg.org and shenton.com — all appear to have been registered to a Singaporean investor using the registrar DomainDiscover until about a year ago.

The non-numeric names all have significance to Singapore or neighboring Malaysia one way or the other. Some of them are arguably UDPR fodder.

Shenton is a busy street and hotel in the city, Merlion is Singapore’s lion mascot, Sentosa is a Singaporean island, and Raffles is of course the name of the famous hotel. Other domains on the list are common Chinese surnames used by Singaporeans.

It appears that about a year ago, according to DomainTools’ historical Whois records, they were transferred to World Biz and put under privacy protection.

There’s no specific claim in ICANN’s notice that any domain hijacking has taken place, but it’s easy to infer that the original registrant was for some reason not happy that the domains changed hands and therefore complained to ICANN.

Some of the domains in question have since been transferred to other registrars and may have been returned to the original registrant.

If ICANN’s track record of demanding records is any guide, this will not help World Biz come into compliance.

Should it be terminated, it looks like very few registrants will be affected.

While World Biz at one point had over 5,000 gTLD domains under management, it’s been shrinking consistently for the best part of a decade and in May had just 74 DUM.

September last year, when the domains in question moved to World Biz, was the company’s most-successful month in terms of inbound transfers — 17 domains — since I started tracking this kind of data nine years ago.

Net 4 India gets brief reprieve from ICANN suspension

India registrar Net 4 India has been given a bit of breathing space by ICANN, following its suspension last month.

ICANN suspended the registrar’s accreditation a month ago, effective June 21, after discovering the company had been in insolvency proceedings for some time.

But on June 20 ICANN updated its suspension notice to give Net4 more time to comply. It now has until September 4, the same day its insolvency case is expected to end, to provide ICANN with documentation showing it is still a going concern.

The registrar was sued by a debt collector that had acquired some Rs 1.94 billion ($28 million) of unpaid debts from an Indian bank.

ICANN’s updated suspension notice adds that Net4 is to provide monthly status updates, starting July 18, if it wants to keep its accreditation.

The upshot of all this is that the registrar can carry on selling gTLD domains and accepting inbound transfers for at least another couple months.