Latest news of the domain name industry

Recent Posts

Does .tickets have the ultimate anti-cybersquatting system?

Kevin Murphy, January 19, 2016, Domain Registries

I’ve never seen anything like this before.

.tickets gTLD registry Accent Media has launched an anti-cybersquatting measure that lets the world know who is trying to register what domain name a whole month before the domain is allowed to go live.

The service, at domains.watch, is currently only being used by .tickets, but it seems to be geared up to accept other TLDs too.

A spokesperson said the site soft-launched a couple months ago.

Today, if you want to register a .tickets domain name, you have a choice of two processes — “fast-track” or “standard”.

Fast-track is for organizations with trademarks matching their names. It take five days for the trademark to be verified and the domain to go live.

Standard-track applications, however, are published on domains.watch for 30 days before the the registration is fully processed (under the registry hood, the domain are kept in “Pending Create” status).

Domains.Watch

During that 30 days, anyone with a trademark they believe would be infringed by the domain may file a challenge against the registration. They have to pay a fee to do so.

The would-be registrant can counter by showing their own rights. If they have no documented rights, the challenger gets the name instead.

“Rights” in the case of .tickets means a trademark or evidence of use of a mark in a ticketing-related context.

While it’s certainly not unusual in the industry for restricted TLDs to manually vet their registrants before processing a registration, I’ve never before come across a registry that does it all in public, allowing basically anyone — or, at least, anyone who is willing to pay the challenge fee — to challenge any registration.

Can you imagine what the domain world would be like if this kind of system were commonplace across a range of TLDs?

A lot of people outside the industry — particularly in security, I fancy — would love it.

Top 2015 new gTLD sale looks like cybersquatting

Kevin Murphy, January 8, 2016, Domain Sales

One of the top secondary market domain sales of 2015, as reported by Sedo, appears to be a case of somebody selling a domain matching a trademark to the trademark’s owner.

According to a press release yesterday, the domain basic-fit.fitness was the third-priciest reportable new gTLD domain sale handled by Sedo last year.

It went for €7,949 ($8,634).

Given that it’s not intrinsically an attractive-looking domain, I tried to figure out why it sold.

Judging by Whois records, the buyer is the corporate owner of Basic-Fit, a chain of over 300 gyms in four European countries.

It has at least one trademark on “Basic-Fit”.

The original registrant, according to records cached by DomainTools, was a Belgian web designer.

The domain seems to have changed hands around May last year. In April, it spent a couple of weeks under Whois privacy.

The domain was registered August 27, 2014, the day .fitness exited its Early Access Period and domains were available at regular prices.

It seems the same Belgian web designer owns several more new gTLD domain names matching brands that are parked with Sedo and available to buy instantly.

Many are .immo (“.realestate”) domains matching the brands of Belgian real estate firms. There are also a few .beer domains under his name matching the brands of breweries and beers in the UK, US and Czech Republic.

It’s not unheard of for web developers to register domains on behalf of clients. It’s rather less common for them to then list them for sale, with buy-now prices, on domain marketplaces.

Looks dodgy to me.

TLS says .feedback will be “UDRP-proof”, will hire lawyers to defend registrants

Kevin Murphy, December 21, 2015, Domain Services

Top Level Spectrum plans to make its .feedback domains dirt cheap for domainers during its forthcoming Early Access Period, and is claiming that its domains will be “UDRP-proof”.

CEO Jay Westerdal told DI today that the registry will even hire lawyers to defend its registrants if and when UDRP cases arise.

The company has also introduced a new $5,000 “claims” service that is guaranteed to drive the intellectual property community nuts.

.feedback is shaping up to be one of the most fascinating new gTLD launches to date.

The company’s original plan, to sell 5,000 trademark-match domains to a single entity after its sunrise period ends has been tweaked.

Now, it will instead offer huge rebates during its Early Access Period next month, which will bring the price to registrants down from as much as $1,815 to as little as $5.

It’s called the “Free Speech Partner Program”.

To qualify for the program rebate, registrants will have to agree to stick to using TLS’s specially designated name servers, which point to a hosted feedback service managed by the registry.

An example of such a site can be seen at donaldtrump.feedback, which is among several US presidential candidate names TLS has registered to itself recently.

That commitment will be passed on if the domain ever changes hands, and a $5,000 fee will be applicable if the registrant wants to switch to their own name servers.

A registry charging a lower fee during EAP than GA is unheard of, but that’s what TLS is planning.

Rebates will not be available during the first three days of EAP, which starts January 6 at $14,020 per name. Days two and three see domains priced at $7,020 and $3,520.

From January 9 to January 18, rebates will bring the prices down to $5 per domain.

That’s a quarter of the $20 registry fee it plans to charge during general availability.

“Our plan is to sell thousands of domains before normal GA,” Westerdal said.

“It is a great opportunity for domainers to register domains that will be UDRP proof,” he said. “As free speech sites they are going to improve the world and let anyone read reviews on any subject.”

“I think they are UDRP proof,” he said. “As a registry we will hire lawyers to fight cases that arise.”

Asked to confirm that TLS would pay for lawyers to defend its registrants in UDRP cases, he said: “Hell yes we will.”

The registry plans to give trademark owners a way to avoid UDRP, however, if they’re willing to pay $5,000 for the privilege.

“Free Speech” registrants will have to agree not only to use TLS’s feedback platform, but also to allow the owners of trademarks matching their domains to more or less unilaterally seize those domains for up to two years after registration.

This “claims period” is also unprecedented in new gTLD launches. It’s described like this:

The registry will accept trademarks for a period of 2 years after the initial registration on a “Free Speech Partner Program” domains. The cost is $5,000 to have the mark validated, if the trademark is found to be the first to successfully make a claim against a domain in the program the domain will be transferred to the mark holder. The mark holder will be allowed to change name servers and is not subject to the “Free Speech Partner Program” terms of service.

Domain registrants of the “Free Speech Partner Program” agree the outcome of a validated mark by the Registry have no further claim to the domain if it is transferred to a new registrant.

If TLS is trying to design a system that will enrage the trademark community to the maximum extent possible, it’s doing a fantastic job.

It even introduced a new clause (2.9, here) to its registration agreement earlier this month, obliging registrants to point their domains to a web page that collects feedback. That means nobody will be allowed to leave their .feedback domains dark.

Are these measures justifiable disincentives, or plain old extortion? Opinion will no doubt be split along the usual lines.

More on my Twitter.sucks reg

Kevin Murphy, December 21, 2015, Domain Registries

If you were reading on Friday, you’ll know that I brought about the registration of the domain twitter.sucks and took charge of a web site hosted at that address.

I hinted that there was a little more to the story, but couldn’t get into it.

The first part of the story is here.

What I didn’t mention was that twitter.sucks was in my This.sucks account for probably less than 10 minutes before I removed it.

I have no beef with Twitter and no particular desire to moderate a .sucks discussion forum.

After removing twitter.sucks from my account, I noticed that This.sucks again gave me the option to “register” a free .sucks domain.

So I experimentally “registered” thisdotsucks.sucks too.

Again, the domain started resolving, showed up in Whois, and the associated WordPress site went live within seconds.

At this point, I discovered that I had admin privileges for both twitter.sucks and thisdotsucks.sucks sites simultaneously.

Suspecting that I may have found a bug that would allow anyone to register an essentially unlimited number of free and potentially trademark-matching .sucks domains, I informed This.sucks of my findings in the interest of responsible bug disclosure and ended my blog post prematurely.

Late Friday, This.sucks spokesperson Phil Armstrong told me that it wasn’t a bug after all.

He said that the company allows one “do-over”. So if you register a name for free, then delete it, you get another one for free.

He also said that WordPress admin privileges for domains removed from user accounts expire after a period (I had admin rights for the twitter.sucks web site for roughly 48 hours after I deleted it from my account.)

Right now, the domain twitter.sucks still exists, registered to This.sucks as before, as does the associated web site. I have no idea if another user has taken over its administration or if it’s in some kind of limbo state.

All I know is that it’s nothing to do with me any more.

How I just registered Twitter.sucks for free in just five clicks

Kevin Murphy, December 18, 2015, Domain Registries

This morning, I caused the registration of and was given control of a web site at twitter.sucks.

I didn’t pay a thing, though I did — by checking a box linked to hidden terms and conditions — promise to pay $10,000 if I was later determined to be working for Twitter.

Ordinarily, registering a .sucks domain would have cost me over $200.

The controversial This.sucks service (which may share ownership with .sucks registry Vox Populi) has gone live and is giving out 10,000 .sucks web sites for free.

Users, who can sign up merely by connecting their Facebook or LinkedIn accounts, are able to cause This.sucks to register names on their behalf.

They are then immediately given limited control over a WordPress blog hosted at that domain, though not to the associated name servers or Whois records.

It’s actually quite a slick, streamlined service, that could quite easily dramatically increase the number of active .sucks site overnight.

But it’s going to cause no end of headaches for trademark owners.

Earlier this week, you may recall DI reporting that This.sucks seemed to have registered the .sucks names matching the brands of Twitter, Adobe, Goldman Sachs and Justin Timberlake.

It seems that this may have been a test of the This.sucks service, as I was tipped off last night that twitter.sucks was no longer registered.

Here’s how I got control over the twitter.sucks web site in just FIVE clicks.

This.sucks has a domain availability query box, just like a regular registrar. I looked up “twitter”:

This.sucks 1

Seeing that the domain was available, I went through the two-click process of allowing This.sucks to use my Facebook login credentials.

This.sucks 2

Obviously, while I used a genuine Facebook account, I see no reason why I couldn’t have used a fake one.

After connecting, I was bounced back to This.sucks and was given the ability to register twitter.sucks in a single click.

This.sucks 3

I also had to check a box confirming:

I’m a free-thinking individual, not a corporate yes-man. I agree to the terms and conditions and any penalties which may apply.

Clicking either of the T&C links, or hovering over the question mark, will introduce you to the concept of a $10,000 penalty.

This.sucks 4

That’s right — by causing This.sucks to register a .sucks domain, you agree to pay $10,000 if the company decides, in its “sole discretion” that you are affiliated with the matching trademark owner. The terms state:

Site Runners on this.sucks must be individuals who have no affiliation with the subject matter of the Site. You can’t be running the Site on behalf of a company, entity or anyone who is the subject of the Site.

As a Site Runner you agree that if you are found by this.sucks, in our sole discretion, to be in violation of this principal, that a $10,000 USD payment to This.sucks will immediately become due and payable. You will also no longer be a Site Runner with us. Your Site may also be given to a different Site Runner to run.

If you think a Site is being run by someone acting on behalf of the subject of the Site, please email us at whistleblower@this.sucks

Given that Twitter’s lawyers are probably going to hate me for doing this, I felt pretty confident in accepting this risk.

In addition, at this point This.sucks has not asked me for any payment information. If they want $10,000 off of me, they can take a hike, I figure.

So I clicked the “Register Now” button.

Bam! In under 10 seconds the domain name twitter.sucks existed in DNS, in Whois, and there was a simple WordPress web site there that I, to a significant extent, controlled.

The domain is registered to This.sucks, which makes it clear on its web site FAQ that its users — or “Site Runners” — do not actually own the domains they cause to be registered.

This.sucks 6

As administrator of the WordPress site, I am able to create and update blog posts as well as change the appearance by switching between a limited selection of themes. I can also edit and delete comments and manage registered users.

There’s a little bit more to my story — which I cannot get into for now.

For the moment, it must suffice to say that this is a whole new world for famous brand owners.

They can either pay the roughly $2,000 required to defensively register their brand in .sucks, or they can try to sneak through a free (or $0.99 per month) registration at This.sucks at the risk of being billed $10,000 if they get rumbled.