Latest news of the domain name industry

Recent Posts

Uniregistry calls for domain Bill of Rights as Schilling says Gab.com was not booted

Kevin Murphy, November 9, 2018, Domain Services

Uniregistry has called for a “Domain Bill of Rights” to protect free speech in a world were domain takedowns can be used to de-platform controversial speakers.

Meanwhile, CEO Frank Schilling has told DI that the company did not expel the right-wing social network Gab.com from Uniregistry’s platform, and would have allowed it to stay.

In a press release this week, Uniregistry COO Kanchan Mhatre said that while the company rejects “hatred and bigotry”, free speech is an “inalienable” human right.

The company called for the new agreement “to guarantee every domain name owner a formal ‘due process’ when being faced with accusations and demands for censorship”.

Schilling said that Uniregistry’s idea for a Domain Bill of Rights is still in the early stages. It has sketched out 10 draft bullet points but is not ready to publish them yet.

The press release was issued to coincide with Tim Berners-Lee’s proposal for a “Contract for the Web”, a set of broad principles governing rights and responsibilities online.

But it also coincided with the ongoing controversy over Gab.com, the microblogging platform favored by right-wing voices, including many white supremacists, that have been kicked off Twitter.

The guy who murdered 11 people at a Synagogue in Pittsburgh last month used Gab, a back-breaking straw which prompted GoDaddy to inform the network it intended to suspend its domain unless it was immediately moved to another registrar.

It’s not the first time GoDaddy has shut down the far right for breaching its terms of service. Last year, it took the same action against a neo-Nazi site.

The Gab.com domain briefly wound up at Uniregistry, before Epik CEO Rob Monster stated publicly that he would offer Gab a home. Gab took him up on his offer, and transferred away from Uniregistry.

Uniregistry’s Schilling confirmed that “We did not ask gab.com to leave our platform… they were welcome to stay subject to law”.

Monster said in a blog post largely praising Gab and founder Andrew Torba that “De-Platforming is Digital Censorship”. He noted that for Gab, “there is a duty to monitor and lightly curate, keeping content within the bounds of the law”.

Uniregistry changes emails after “renewal scam” complaints

Kevin Murphy, February 2, 2018, Domain Registrars

Uniregistry has modified its marketing emails after customers complained they looked like fake renewal “scams”.

One customer contacted DI last week to say they were “horrified” to receive pitches for cheap SSL certificates that “read like some of the worst domain expiration scams of the past”.

The company recently started reselling Comodo’s SSL certs as part of its plan to broaden its customer base beyond its roots in the domain investor community.

But the way these certs were marketed left more than one customer with concerns. One email, which I’ve lightly redacted, read as follows:

Dear [CUSTOMER],

FINAL NOTICE – Your SSL certificate for your domain has expired. Take action and renew your certificate today through Uniregistry.

If your SSL certificate expires your website will display a warning informing customers the site is not secure.

We’ve teamed up with Comodo CA to offer our valued customers discounts up to 78% off when they renew their SSL certificate through us.

Visit https://www.comodo.com/uniregistry/ to take advantage of this offer and renew your certificate before it expires.

Domains at Risk :
[LIST OF DOMAINS]

Average validation time is less than an hour could take longer. Don’t let your certificate expire and put your business at risk. We are here to help, contact one of our SSL Specialist for more information or if you need additional support.

Thank you for choosing Uniregistry and Comodo CA

The reader said that while they have some domains with Uniregistry, their SSL certs had been bought elsewhere.

They added that the certs had not “expired” as the email claimed and said that they were not due to expire for months.

In addition, the email is quite clearly asking the customer to “renew” their cert via Uniregistry and Comodo, which should not be possible if the current cert was bought from a different Certificate Authority. It’s actually a solicitation to buy a new cert.

The scare-tactics wording is reminiscent of the old “slamming” scams carried out by Brandon Gray Internet Services, going under the moniker Domain Registry Of America and similar, until ICANN terminated its contract in 2014.

These “fake renewal” scams were delivered in the form of final-demand invoices, but were in fact solicitations to transfer domains, at a huge premium, from their current registrar to the scammer’s registrar.

A major difference between the DROA scam and Uniregistry’s marketing is that Uniregistry only contacted its existing customers. It was not spamming SSL owners at random.

Uniregistry told DI that the emails in question were part of an “A/B test” — when a company tests two emails to different sets of customers to see which one gets the best response rate — that were sent to “small number” of its customers.

Chief operating officer Kanchan Mhatre said in an email:

The initial content sent came from a previous campaign and it’s fair to say that it needed modifying to more accurately reflect what we were trying to convey. Based on the feedback received from you and other customers, we have modified the messaging and we are currently reviewing cert expiry date validation to ensure that we communicate with our customers in a timely manner.

SpamHaus ranks most-botted TLDs and registrars

Kevin Murphy, January 9, 2018, Domain Registrars

Namecheap and Uniregistry have emerged as two of the most-abused domain name companies, using statistics on botnet command and control centers released by SpamHaus this week.

SpamHaus data shows that over a quarter of all botnet C&Cs found during the year were using NameCheap as their registrar.

It also shows that almost 1% of domains registered in Uniregistry’s .click are used as C&Cs.

The spam-fighting outfit said it discovered “almost 50,000” domains in 2017 that were registered for the purpose of controlling botnets.

Comparable data for 2016 was not published a year ago, but if you go back a few years, SpamHaus reported that there were just 3,793 such domains in 2014.

Neither number includes compromised domains or free subdomains.

The TLD with the most botnet abuse was of course .com, with 14,218 domains used as C&C servers. It was followed by Directi’s .pw (8,587) and Afilias’ .info (3,707).

When taking into account the relative size of the TLDs, SpamHaus fingered Russian ccTLD .ru as the “most heavily abused” TLD, but its numbers don’t ring true to me.

With 1,370 botnet controllers and about five and a half million domains, .ru’s abused domains would be around 0.03%.

But if you look at .click, with 1,256 botnet C&Cs and 131,000 domains (as of September), that number is very close to 1%. When it comes to botnets, that’s a high number.

In fact, using SpamHaus numbers and September registry reports of total domains under management, it seems that .work, .space, .website, .top, .pro, .biz, .info, .xyz, .bid and .online all have higher levels of botnet abuse than .ru, though in absolute numbers some have fewer abused domains.

In terms of registrars, Namecheap was the runaway loser, with a whopping 11,878 domains used to control botnets.

While SpamHaus acknowledges that the size of the registrar has a bearing on abuse levels, it’s worth noting that GoDaddy — by far the biggest registrar, but well-staffed with over-zealous abuse guys — does not even feature on the top 20 list here.

SpamHaus wrote:

While the total numbers of botnet domains at the registrar might appear large, the registrar does not necessarily support cybercriminals. Registrars simply can’t detect all fraudulent registrations or registrations of domains for criminal use before those domains go live. The “life span” of criminal domains on legitimate, well-run, registrars tends to be quite short.

However, other much smaller registrars that you might never have heard of (like Shinjiru or WebNic) appear on this same list. Several of these registrars have an extremely high proportion of cybercrime domains registered through them. Like ISPs with high numbers of botnet controllers, these registrars usually have no or limited abuse staff, poor abuse detection processes, and some either do not or cannot accept takedown requests except by a legal order from the local government or a local court.

The SpamHaus report, which you can read here, concludes with a call for registries and registrars to take more action to shut down repeat offenders, saying it is “embarrassing” that some registrars allow perpetrators to register domains for abuse over and over and over again.

Uniregistry: sales prices down for “first time ever”

Kevin Murphy, September 19, 2017, Domain Sales

Uniregistry today said that it sold $29 million of domain names through its Uniregistry Market platform so far this year.

But the company said that average sales prices dipped for the “first time ever” over the period.

The 3,617 names it sold in the first eight months of the year went for on average $8,017 per domain, compared to $9,110 in the same 2016 period.

Average prices had been steadily rising since 2011, Uniregistry said in a press release. It blamed the reversal on “expansion into exploratory, nontraditional markets” — the mix leaning more towards new gTLDs and ccTLDs, in other words.

On the bright side, the total dollar value of sales were up to $29 million from the $25 million in the comparable period. Transactions were up 24%, the company said.

Eight months is an unusual period to report results for, making me wonder whether today’s statement is in response to some recent bad press, but as a private company I guess Uniregistry can report figures for whatever period it wishes.

The numbers, to reiterate, refer to its Uniregistry Market secondary sales platform, not its own cache of registry-reserved new gTLD domains.

GoDaddy’s reason for dumping Uniregistry doesn’t make a lot of sense

Kevin Murphy, August 24, 2017, Domain Registrars

GoDaddy, as you may have read, has again decided to dump Uniregistry’s portfolio of TLDs, following wholesale price increases.

But its explanation for the move — trying to provide its customers with a “great product experience” — doesn’t seem to tally with the way it has gone about implementing the change.

The company confirmed this week that it will no longer offer new registrations in Uniregistry’s stable of new gTLDs, but will continue to support existing customers.

The registrar’s EVP of domains, Mike McLaughlin, reportedly explained the move like this:

GoDaddy strives to provide its customers with great product experiences wherever possible. After careful consideration, we decided to stop offering new Uniregistry domain names for sale because their pricing changes caused frustration and uncertainty with our customers.

But the way GoDaddy has gone about this looks like it is set to provide anything other than a great product experience.

For starters, existing registrants of Uniregistry names will find their registrations migrated over to the wholesale registrar Hexonet, for which GoDaddy will act as reseller.

They’ll still be able to manage their names via their GoDaddy control panels, but technically GoDaddy will no longer be the registrar.

This could well add friction to the customer support process, as well as meaning Hexonet will now show up in Whois as the sponsoring registrar.

Accompanying this move is the unexplained removal of Whois privacy services for all affected domains. Registrants will get a refund for their privacy service and will have the opportunity to switch registrars to one that will support privacy.

For those that remain, suddenly their personally identifiable information will become publicly available. This could lead to an increase in complaints and support calls as registrants realize what has happened.

In terms of price, existing registrants will presumably still be affected by Uniregistry’s increases to the same extent as they were previously. Again, their customer experience has not changed.

Overall, the explanation doesn’t make a heck of a lot of sense to me. I put the above points to GoDaddy and VP of domains Rich Merdinger responded, via a company spokesperson:

After we made the decision to stop supporting Uniregistry domain names, we worked to provide the best possible experience we could to our customers. We wanted them to have a transparent experience. They will log in to the same GoDaddy account and service the domain names the same way they always have. Because of the transfer of the name to a different registrar, privacy had to be removed. While this impacts a small subset of these customers, we have done everything to make this transition as smooth as possible.

It’s true that GoDaddy isn’t a big seller of Uniregistry names. It’s one of Uniregistry’s smaller channel partners and the number of Uniregistry names it’s sold — measured in the thousands — is a drop in the ocean of the over 55 million gTLD names it currently has under management.

The two companies are also competitors, it probably should be noted.

But while Uniregistry’s registrar seems to be have been well-received by customers, and its domain volume has grown rapidly in the last three years, it still only had about 1.5 million domains under management at the last count; hardly an existential threat to the Scottsdale behemoth.

It should also be noted that GoDaddy is not the only registrar to distance itself from Uniregistry.

NameCheap also recently discontinued support for the TLDs that are experiencing the biggest price increases. Tucows announced a similar move in May.

GoDaddy had already said it would drop Uniregistry once before, but changed its mind, before changing it back again.