Latest news of the domain name industry

Recent Posts

Go Daddy splashes out $28m on Marchex domain portfolio

Kevin Murphy, April 22, 2015, Domain Sales

Go Daddy has acquired about 200,000 domain names from Marchex for $28.1 million.

The sale comes as Marchex seeks to extricate itself from the domain name business in order to focus on mobile advertising analytics.

It works out at about $140 per domain.

Go Daddy said that it will make the domains available via its multi-registrar Afternic platform, which should massively increase their visibility among potential buyers.

The deal was a “unique opportunity” that doesn’t represent a change in direction for the registrar.

Domain Name Wire has an interview with company senior VP Mark McLaughlin over here which explains Go Daddy’s plans in a bit more detail.

Marchex said that it has also sold $6.7 million worth of domains from the portfolio separately since January.

Domain hijacking bug found in Go Daddy

Kevin Murphy, January 22, 2015, Domain Registrars

Go Daddy has rushed out a fix to a security bug in its web site that could have allowed attackers to steal valuable domain names.

Security engineer Dylan Saccomanni found several “cross site request forgery” holes January 17, which he said could be used to “edit nameservers, change auto-renew settings and edit the zone file entirely”.

He reported it to Go Daddy (evidently with some difficulty) and blogged it up, with attack code samples, January 18. Go Daddy reportedly patched its site the following day.

A CSRF vulnerability is where a web site fails to adequately validate data submitted via HTTP POST. Basically, in this case Go Daddy apparently wasn’t checking whether commands to edit name servers, for example, were being submitted via the correct web site.

Mitigating the risk substantially, attackers would have to trick the would-be victim domain owner into filling out a web form on a different site, while they were simultaneously logged into their Go Daddy accounts, in order to exploit the vulnerability, however.

In my experience, Go Daddy times out logged-in sessions after a period, reducing the potential attack window.

Being phishing-aware would also reduce your chance of being a victim.

I’m not aware of any reports of domains being lost to this attack.

Four reasons Google Domains isn’t a Go Daddy killer

Judging by DI’s traffic spike last night, there’s a lot of interest in Google Domains, Google’s forthcoming entry into the domain name registrar market.

And judging by some of the early commentary, it seems that many people are already assuming that the service will be an overnight success.

Some people already seem to be willing to write off market leader Go Daddy specifically, for some peculiar reason.

I’ve even heard speculation that Google timed its announcement to screw with Go Daddy’s imminent IPO, which strikes me as veering into conspiracy theory territory.

While I’ve no doubt Go Daddy and other mass-market retail registrars will be watching Google’s move with interest and concern — and there are some reasons to be worried — let’s not jump the gun here.

Let’s calm the hyperbole a little. Off the top of my head, here are a handful of reasons not to get excited just yet.

1. It could be a really shitty product

There seems to be an assumption in some quarters that whatever Google brings to market will be automatically incredible, but the company really doesn’t have the track record to support that assumption.

Sure, its search engine may be great and services such as Gmail and Adsense may be pretty good, but have you ever tried Blogger?

Do you actually use Google+, or do you only have an account because Google forced you?

The truth is that lots of Google products fail.

And we haven’t even seen Google Domains yet. Nobody has. Only Google employees and their buddies are going to get beta access, so it seems we’re going to be waiting a while before we can judge.

2. There’s no 24×7 support

Google Domains will launch with support via email and phone from 9am to 9pm US Eastern time, Monday to Friday.

Would you switch to a registrar that doesn’t have round-the-clock support seven days a week? As a small business owner who makes his living from his web site, I sure wouldn’t.

If Google Domains gains traction you can expect support hours to be expanded pretty quickly, but a lack of 24×7 support at launch will keep many customers away.

3. It’s not free

Some people seem to be obsessed with the notion that Google is going to give away free domains, and that kind of commentary is continuing even though we know Google Domains will charge $12 for a .com.

Its email service may come at no additional cost, but its email service is Gmail, and that’s already free. Google could hardly start charging an add-on fee for something that’s always been free.

Google Domains may offer free privacy too, but so do lots of other registrars.

In future, Google registry arm Charleston Road Registry may give away free names in some of its new gTLDs, but if it does so that price will have to be available to all registrars, not just Google Domains.

Google Domains isn’t free. It’s not even the cheapest registrar on the market.

4. Go Daddy is gigantic

According to its recent regulatory filings, Go Daddy has 57 million domains under management and 12 million customers.

How many of those do you think will make the switch to Google? How many will even know that such a switch is possible?

Switching registrars may be relatively straightforward if everything you own is parked, but it becomes more complex when you’re running your web site, email and so forth on your registrar’s platform.

These kinds of small business owners are the customers being targeted by Google and Go Daddy, and if they already have web sites they’re likely already experiencing registrar lock-in.

According to its announcement, Google is targeting greenfield opportunities — the 55% of small businesses it estimates don’t have an online presence today — rather than grabbing market share from rivals.

The “small businesses need to get online” story is common to every press release issued by every web host and domain registrar with a price promotion to plug.

When Google teamed up with Blacknight to give away domains for free — for FREE, so it is, so it is — to Irish small businesses, it managed to sign up 10,000 in one year.

How long do you think it will take Google to get to 57 million names under management?

Breaking: Go Daddy files for $100 million IPO

Go Daddy has filed its S-1 registration form with the US Securities and Exchange Commission, signalling its intention to go public.

The filing reveals the company plans to raise $100 million with the share sale.

Go Daddy’s revenue for 2013 was $1.1 billion, up from $910.9 million in 2012, the filing reveals.

But the company said it uses “bookings” as a measure of its success, due to the way its revenue is collected up-front but recognized on its books over the term of the domain or hosting contract.

Bookings were $1.4 billion in 2013, up from $1.25 billion in 2012.

Go Daddy is loss-making, recording a net loss of $199.8 million in 2013 and $279 million in 2012.

The company has 57 million domains under management and hosts 8.5 million web sites, according to the S-1. Those are spread between 12 million customers, a number that grew by 1.3 in 2013.

A surprising 24% of its sales come via its customer service people; the rest comes through its web site.

Go Daddy planned to IPO in 2006, but subsequently yanked the offering due to “market uncertainties” and then-CEO Bob Parsons’ apparent discomfort with the process.

In 2011 the company was taken over by the investment firms KKR, Silver Lake Partners, and Technology Crossover Ventures, paying a reported $2.25 billion for a 65% stake.

Since then, an eventual IPO has not been a matter of if, but when.

I’m tweeting more nuggets from the S-1 as I find them.

.club “hits top 10″ new gTLDs in minutes

The new .club gTLD went into the top 10 new gTLDs by volume in the “first instants” of general availability this afternoon, according to the registry and partner Go Daddy.

.CLUB Domains CEO Colin Campbell told DI, about two hours after the 1500 UTC GA launch, “We’ll let the zone files speak for themselves, but we were well within the top 10 a few minutes after we opened up.”

Based on today’s zone file data, that means .club moved at least 15,000 names. It will presumably be a somewhat bigger number by the time today’s zones are published at 0100 UTC.

.CLUB CMO Jeff Sass said that pre-registrations at registrars including Go Daddy were responsible for the initial spike.

“We would be in the top 10 based just on those pre-registrations in the first instant,” he said.

While over 50 registrars are signed up to sell .club, the registry is pretty tight with Go Daddy.

The two companies have been conducting joint marketing, some of which involved .CLUB pushing buyers to GoDaddy.club.

“We’ve worked closely on cooperative marketing efforts,” Sass said. “We’ve done a lot of campaigns where the call to action has been to Go Daddy.”

The GA launch, which was briefly webcast live, actually came from Go Daddy’s Arizona headquarters.

While I get the distinct impression that money changed hands in order for Go Daddy to throw its weight behind .club, VP Mike McLaughlin gave some reasons why he likes the gTLD.

“We like to see that the registry is invested,” he said. “That the business plan isn’t just to put it out there and hope for the best.”

Sass said that .CLUB has been marketing to nightclubs, sports clubs, high-end members clubs and others.

McLaughlin said the price point — $14.99 retail, the same as Go Daddy’s .com renewals — and the fact that there are no registration restrictions, were attractive.

.CLUB has reserved over 6,000 premium names. They’re all listed for sale at Sedo, perhaps showing that its relationship with rival auction platform Go Daddy/Afternic is not all that tight.

If you try to register a premium .club via Go Daddy today you’ll be told it’s unavailable.

Sass said that examples of premiums already sold to anchor tenants include shaving.club, which is launching today, as well as beauty.club, makeup.club and skincare.club, which were all sold to Mary Kay Cosmetics and are expected to launch at a later date.

.CLUB has previously predicted that it would beat .guru (currently at 54,616 names) in the first week and that it would sell five million names in the first five years.

The first aspiration seemed, to me, plausible. I’ve had countless arguments about whether the second is too.