Recent Posts
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
Endurance losing founder-CEO next week
Endurance International, the parent company of registrar brands including Public Domain Registry, BuyDomains, Domain.com and BigRock, will see its founding CEO resign next week.
The company said this week that Hari Ravichandran will be replaced by Jeff Fox, most recently chair of customer relationship management software vendor Convergys, on August 22.
Endurance, which makes about 12% of its revenue from domain registrations, had disclosed Ravichandran’s plan to move on back in April, when it was characterized as an effort to move the company to the next stage of growth.
But it comes in the context, as the company has acknowledged, of an ongoing Securities and Exchange Commission investigation into its 2015 acquisition of Constant Contact.
The SEC probe has been going on since at least December 2015.
Endurance is also facing flattening top-line growth — revenue of $292.3 million, up 1% on last year, in the second quarter — and deepening losses.
Fox was CEO of Convergys from 2010 to 2012. He is also principal of The Circumference Group, his own investment/advisory firm.
Google dumps Nazi domain in hours
Neo-Nazi blog The Daily Stormer found itself without a registrar for the second time in a day this evening, after Google cancelled its registration.
The company told BBC News:
We are cancelling Daily Stormer’s registration with Google Domains for violating our terms of service.
The cancellation came not many hours after GoDaddy, the controversial site’s original registrar, gave its owners 24 hours to find a new registrar.
That was in response to people on Twitter complaining that the Stormer had published an article attacking a victim of alleged right-wing domestic terrorism, which GoDaddy said broke its terms of service inciting violence.
The current Whois record for dailystormer.com indicates that it is still with Google, but in a clientTransferProhibited status.
That means it should not be possible to transfer the name to a third registrar, unless and until Google changes the status.
The domain still resolves, however, from where I’m sitting.
It might be that the Stormer will now find itself registrar-hopping and/or facing a period of downtime.
GoDaddy kicks out neo-Nazi site after dead protester post
GoDaddy has given neo-Nazi web site The Daily Stormer a day to GTFO after it posted an article viciously attacking the victim of racially motivated violence in Charlottesville, Virginia.
In multiple tweets, the company said this morning that it had given the site’s owners 24 hours to move to a new registrar.
We informed The Daily Stormer that they have 24 hours to move the domain to another provider, as they have violated our terms of service.
— GoDaddy (@GoDaddy) August 14, 2017
The tweets came in response to those who questioned why GoDaddy continued to host the site in light of an article posted about Heather Heyer, who was killed while protesting white nationalists at a rally on Saturday.
A man has been arrested and charged with her murder, after allegedly driving his car into a crowd, injuring 19 others.
The article in question was a horribly vicious, cartoonishly misogynistic rant, by site founder Andrew Anglin, entitled “Heather Heyer: Woman Killed in Road Rage Incident was a Fat, Childless 32-Year-Old Slut”.
GoDaddy did not specify which terms of service the Stormer had breached, but its terms do include a prohibition against promoting violence.
The Stormer web site has a disclaimer on it stating it is “opposed to violence” and that it will ban any commentators who promote violence.
Within hours of GoDaddy’s tweets, a post appeared on the site claiming to have been written by notorious hacking collective Anonynous, which claimed the site was now under its control.
The post said that the site would be taken down within 24 hours and that quantities of material on the Stormer and Anglin had been obtained.
At this time it is not clear whether the site has really been hacked or is a hoax carried out by the Stormer itself, perhaps designed to make light of upcoming downtime.
The Daily Stormer’s domain has been hosted with GoDaddy since its launch in 2013.
Tucows revenue rockets after Enom buy
Tucows saw its revenue from domain names more than double in the second quarter, following the acquisition of rival Enom.
The company this week reported domain services revenue for the three months ending June 30 of $62.8 million, compared to $28.4 million a year ago.
That was part of overall growth of 78%, with revenue rising from $47.2 million in 2016 to $84.2 million this year.
Net income for the quarter was up 29% at $5.2 million.
Enom, which Tucows bought from Rightside for $76.7 million earlier this year, now accounts for a little under half of Tucows’ wholesale domains business, the larger portion going through its OpenSRS channel.
Sales from Tucows’ premium portfolio rose to $968,000 from $885,000 a year ago.
Its retail business, Hover, did $7.6 million of revenue, up from $3.6 million.
GoDaddy domains business grows 15% in Q2
GoDaddy saw its revenue from domain name sales increase by almost 15% in the second quarter, the company announced this week.
Its domains revenue was $263.3 million, up 14.6% on the same quarter last year.
That was part of an overall growth trend at the company, which saw revenue for the quarter up 22.3% at $557.8 million.
Revenue growth would have been a point higher but for currency fluctuations. GoDaddy now does about a third of its business outside its native US, helped a deal by its acquisition of Host Europe Group, which closed at the start of the quarter.
Net income for the period was $18.1 million, reversing a loss of $11.1 million a year ago.
Domains account for about 47% of overall revenue at the company.
GoDaddy said it had 17 million customers at the end of the quarter, June 30, adding about a million organically compared to a year earlier and 1.6 million from the HEG acquisition.
At the end of the quarter, the company had $591.2 million in cash and equivalents and debt of $3 billion.
GoDaddy flips hosting business for $456 million
GoDaddy has sold off its recently acquired PlusServer business for €397 million ($456 million).
The buyer is a private equity firm, BC Partners.
The registrar had taken control of the business when it spent $1.79 billion on Host Europe Group earlier this year, but had said from the start that the asset was for sale.
PlusServer sells hosting to larger companies, which have more demanding support needs that small-business-focused GoDaddy is accustomed to dealing with.
The unit was bringing in annual revenue approaching $100 million per year.
GoDaddy said it planned to put the proceeds of the flip towards paying off some loans.
Over 750 domains hijacked in attack on Gandi
Gandi saw 751 domains belonging to its customers hijacked and redirected to malware delivery sites, the French registrar reported earlier this month.
The attack saw the perpetrators obtain Gandi’s password for a gateway provider, which it did not name, that acts as an intermediary to 34 ccTLD registries including .ch, .se and .es.
The registrar suspects that the password was obtained by the attacker exploiting the fact that the gateway provider does not enforce HTTPS on its login pages.
During the incident, the name servers for up up to 751 domains were altered such that they directed visitors to sites designed to compromise unpatched computers.
The redirects started at 0804 UTC July 7, and while Gandi’s geeks had reversed the changes by 1615 it was several more hours before the changes propagated throughout the DNS for all affected domains.
About the theft of its password, Gandi wrote:
These credentials were likewise not obtained by a breach of our systems and we strongly suspect they were obtained from an insecure connection to our technical partner’s web portal (the web platform in question allows access via http).
It’s not clear why a phishing attack, which would seem the more obvious way to obtain a password, was ruled out.
Gandi posted a detailed timeline here, while Swiss registry Switch also posted an incident report from its perspective here. An effected customer, which just happened to be a security researcher, posted his account here.
Gandi says it manages over 2.1 million domains across 730 TLDs.
ICANN expects to lose 750 registrars in the next year
ICANN is predicting that about 750 accredited registrars will close over the next 12 months due to the over-saturation of the drop-catching market.
ICANN VP Cyrus Namazi made the estimate while explaining ICANN’s fiscal 2018 budget, which is where the projection originated, at the organization’s public meeting in South Africa last week.
He said that ICANN ended its fiscal 2017 last week with 2,989 accredited registrars, but that ICANN expects to lose about 250 per quarter starting from October until this time next year.
These almost 3,000 registrars belong to about 400 registrar families, he said.
By my estimate, roughly two thirds of the registrars are shell accreditations under the ownership of just three companies — Web.com (Namejet and SnapNames), Pheenix, and TurnCommerce (DropCatch.com).
These companies lay out millions of dollars on accreditation fees in order to game ICANN rules and get more connections to registries — mainly Verisign’s .com.
More connections gives them a greater chance of quickly registering potentially valuable domains milliseconds after they are deleted. Drop-catching, in other words.
But Namazi indicated that ICANN’s cautious “best estimate” is that there’s not enough good stuff dropping to justify the number of accreditations these three companies own.
“With the model we have, I believe at the moment the total available market for these sought-after domains that these multifamily registrars are after is not able to withstand the thousands of accreditations that are there,” he said. “Each accreditation costs quite a bit of money.”
Having a registrar accreditation costs $4,000 a year, not including ICANN’s variable and transaction fees.
“We think the market has probably gone beyond what the available market is,” he said.
He cautioned that the situation was “fluid” and that ICANN was keeping an eye on it because these accreditations fees have become material to its budget in the last few years.
If the three drop-catchers do start dumping registrars, it would reveal an extremely short shelf life for their accreditations.
Pheenix upped its registrar count by 300 and DropCatch added 500 to its already huge stable as recently as December 2016.
GoDaddy launches security service after Sucuri acquisition
GoDaddy has revealed the first fruits of its March acquisition of web security service provider Sucuri.
It’s GoDaddy Website Security, what appears to be a budget version of the services Sucuri already offers on a standalone basis.
For $6.99 per month ($83.88/year), the service monitors your web site for malware and removes it upon request. It also keeps tabs on major blacklists to make sure you’re not being blocked by Google, Norton or McAfee.
This low-end offering gets you a 12-hour response time for the cleanup component. You can up that to 30 minutes by taking out the $299.99 per year plan.
The more expensive plan also includes DDoS protection, a malware firewall and integration with a content delivery network for performance.
There’s also an intermediate, $19.99-per-month ($239.88/year) plan that includes the extra features but keeps the response time at 12 hours.
An SSL certificate is included in the two more-expensive packages.
The pricing and feature set looks to compare reasonably well with Sucuri’s standalone products, which start at $16.66 a month and offer response times as fast as four hours.
As somebody who has suffered from three major security problems on GoDaddy over the last decade or so, and found GoDaddy’s response abysmal on all three occasions (despite my generally positive views of its customer service), the new service is a somewhat tempting proposition.
Zero registrars pass ICANN audit
Some of the biggest names in the registrar game were among a bewildering 100% that failed an ICANN first-pass audit in the latest round of random compliance checks.
Of the 55 registrars picked to participate in the audit, a resounding 0 passed the initial audit, according to data released today.
Among them were recognizable names including Tucows, Register.com, 1&1, Google and Xin Net.
ICANN found 86% of the registrars had three or more “deficiencies” in their compliance with the 2013 Registrar Accreditation Agreement.
By far the most problematic area was compliance with sections 3.7.7.1 to 3.7.7.12 of the RAA, which specifies what terms registrars must put in their registration agreements and how they verify the contact details of their customers.
A full three quarters of audited registrars failed on that count, according to ICANN’s report (pdf).
More than half of tested registrars failed to live up to their commitments to respond to reports of abuse, where they’re obliged among other things to have a 24/7 contact number available.
There was one breach notice to a registrar as a result of the audit, but none of the failures were serious enough for ICANN to terminate the deficient registrar’s contract. Two registrars self-terminated during the process.
ICANN’s audit program is ongoing and operates in rounds.
In the current round, registrars were selected from those which either hadn’t had an audit in a couple of years, were found lacking in previous rounds, or had veered dangerously close to formal breach notices.
The round kicked off last September with requests for documents. The initial audit, which all registrars failed, was followed by a remediation phase from January to May.
Over the remediation phase, only one third of the registrars successfully resolved all the issues highlight by the audit. The remainder issued remediation plans and will be followed up on in future rounds.
The 0% pass rate is not unprecedented. It’s the same as the immediately prior audit (pdf), which ran from May to October 2016.
Recent Comments