Latest news of the domain name industry

Recent Posts

Noss hints at winning .online auction bid

Kevin Murphy, November 13, 2014, Domain Registries

A triumvirate of domain name companies led by Radix paid well over $7 million for the .online new gTLD, judging by comments made by Tucows CEO in an analysts call yesterday.

As the company reported its third-quarter financial numbers, Noss said of .online, which was recently auctioned:

While we are bound by confidentiality with respect to the value of the transaction, we can point to amounts paid in other gTLDs’ auctions in the public domain — like $6.8 million for .tech, $5.6 million for .realty, or the $4.6 million that Amazon paid for .buy — and let you decide what you think .online should be valued, relative to those more narrowly targeted extensions.

Radix won the private auction with financial backing from Tucows and NameCheap.

The three companies intend to set up a new joint venture to manage the .online registry, as we reported yesterday, with each company contributing between $4 million and $5 million.

Assuming at least one company is contributing $4 million and at least one is contributing $5 million, that works out to a total of $13 million to $14 million, earmarked for the auction and seed funding for the new venture.

Based on that knowledge, an assumption that the new company will want a couple of million to launch, and Noss’s comments yesterday, I’d peg the .online sale price in the $10-12 million range.

Radix business head Sandeep Ramchamdani told us yesterday that the company plans to market .online with some “hi-decibel advertising” and participation in events such as Disrupt and South by Southwest.

Russian hackers breaking in to NameCheap accounts

Kevin Murphy, September 2, 2014, Domain Registrars

If you have an account at NameCheap, now might be a good time to think about changing your password.

According to the registrar, hackers based in Russia are using a haul of a reported 4.5 billion username/password combinations to attempt to break into its customers’ accounts.

Some attempts have been successful, NameCheap warned.

The attackers are using credentials stolen from third-party sources in a large-scale, automated attempt to log in to user accounts, disguised as regular users, the company said in a blog post.

NameCheap said:

The vast majority of these login attempts have been unsuccessful as the data is incorrect or old and passwords have been changed. As a precaution, we are aggressively blocking the IP addresses that appear to be logging in with the stolen password data. We are also logging these IP addresses and will be exporting blocking rules across our network to completely eliminate access to any Namecheap system or service, as well as making this data available to law enforcement.

While the vast majority of these logins are unsuccessful, some have been successful. To combat this, we’ve temporarily secured the Namecheap accounts that have been affected and are currently contacting customers involved requesting they improve the security for these accounts.

Affected users have been emailed, the company said.

NameCheap suspects the attack is linked to a reported cache of 1.2 billion unique username/password combinations amassed by a hacker group from databases vulnerable to SQL injection.

The registrar pointed out that its own systems haven’t been hacked. Customers should only be vulnerable if they use the same username and password at NameCheap as they use on other sites.

NameCheap gets contract breach notice

ICANN has sent a formal breach notice to top ten registrar NameCheap, saying the company failed to comply with a mandatory audit.

ICANN also claims in the notice (pdf) that the company has failed to keep its web site up to date with pricing information required by policies.

NameCheap, which says it has over three million domains under management, may be the largest registrar to get to the formal, published breach notice stage of the ICANN compliance process.

But it should be noted that while the company is accredited and must comply with its Registrar Accreditation Agreement, it does almost all of its business as an eNom reseller.

Just a handful of domain names are registered under NameCheap’s own IANA number.

NameCheap: a top ten registrar?

Kevin Murphy, January 20, 2014, Domain Registrars

eNom reseller NameCheap is actually in the top 10 largest registrars in terms of domains under management, judging by data in regulatory documents filed by eNom parent Rightside.

According to a Rightside SEC filing related to its spin-off from Demand Media, NameCheap accounted for 23% of the company’s total domains under management as of September 30.

With the same document declaring Rightside has over 12 million names under management as of the same date, NameCheap apparently looks after just under 2.8 million domains.

By my reckoning, this means NameCheap is very probably the ninth-largest registrar by DUM out there, sandwiched between GMO Internet and FastDomain.

My comparison is not completely apples-to-apples — NameCheap’s number may include ccTLD registrations and I’m levering the company into a gTLDs-only league table — so may not be fully reliable.

But it’s the first solid indication of the size of NameCheap’s business I’ve seen in a while.

While NameCheap is accredited by ICANN in its own right, it has never registered more than a handful of domains under its own name, leaving it in the sub-900 range in the DUM league table.

According to Rightside, NameCheap is under contract to exclusively use eNom’s wholesale services until December 2014, but the deal does have one-year renewals built in.

Second .online gTLD bid and third ‘guardian’ dot-brand withdrawn

Directi appears to be the last man standing in the three-way tie-up for .online, following the latest new gTLD withdrawals.

Namecheap has dropped its .online application, closely following Tucows, which dropped its bid a couple of weeks ago.

The three companies announced a deal in March to see them cooperate to win the contested TLD, but at the time it wasn’t clear which applicants would pull out.

Directi’s bid (filed by DotOnline Inc under the Radix brand) remains. It has already passed Initial Evaluation, which may be part of the reason its application was chosen as the “winner”.

The gTLD is still contested, however. Directi is competing with Donuts, I-Registry and Dot Online LLC.

Separately today, a curious two-way dot-brand battle seems to have had its final twist, with Guardian Life Insurance’s withdrawal of its application for .guardianlife.

The insurance company and newspaper publisher Guardian News and Media had both applied for gTLDs containing the string “guardian”. There were originally five, but only two remain.

It now looks like Guardian News will get .theguardian, having previously conceded .guardian to its brand rival and dropping its bid for .guardianmedia.

It appears that there’s been more than a bit of strategic applying, and maybe some deal-making, here.

Neither remaining application is contested, and neither have objections. It’s likely that .guardian is captured by the Governmental Advisory Committee’s advice against “closed generics”, however.