Recent Posts
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
- UK cybersquatting complaints hit record low
- No excuses! PIR to pay for ALL registries to tackle child abuse
- ICANN insists it is working on linkification
- Namecheap sues ICANN over .org price caps
- GoDaddy offers free Ethereum blockchain integration
- Epik reveals who is running the company
- Epik gets acquired again! The plot thickens…
- Airline gTLD crashes and burns
- First chunks of new gTLD Applicant Guidebook drop
- Epik to reveal its owners soon
- Another crypto firm to apply for a new gTLD
- Monster and Royce are NOT involved in Epik?!
- Nominet to overhaul .uk registry, turn off some services
- Russia blames DNSSEC, not Ukraine, for internet downtime
- Team Internet says revenue beat estimates
- Sold for over $20k, insure.ai and dog.ai back in .ai’s expired names auction
- .ai helps UDRP cases rise in 2023, WIPO says
- Freenom’s domains land at Gandi after termination
- .ru domains fly off the shelf as Western sanctions bite
- ICANN picks its first ever Supreme Court
- Lebanon’s ccTLD going back to Lebanon after ICANN takeover
- ICANN picks the domain it will never, ever release
- ICANN approves domain takedown rules
- Has Epik gone “woke”?
- First bits of new gTLD Applicant Guidebook expected next week
- ICANN bans closed generics for the foreseeable
- You can’t use money to buy .box domains
- After 14 years, ICANN practices what it preaches on IDNs
- Weak demand for private Whois data, ICANN data shows
- .ing doing way better than .meme
- DNS Women barred from ICANN funding?
- Dev releases free open-source TLD registry platform
- INCO flips a gTLD to Identity Digital
- Anguilla fears the .ai junk drop
- Five more gTLDs get launch dates
- $10 million of ICANN cash up for grabs
- Almost 50,000 .ai domains sold in a quarter
- ICANN threatens to regulate your speech [RANT]
- Life insurance company kills dot-brand
- ICANN finds new home for Lebanon’s TLD after founder’s death
- ICANN begs people to use its new Whois service
- Shiba Inu outs itself as crypto new gTLD applicant
- Over 50,000 .ai domains sold in three months
- Amazon planning new push into registrar market?
- Registries and registrars vote ‘Yes’ to new DNS abuse rules
- ICANN predicts flattish 2025 for domain industry
- Fast-growing Gname buys another 150 registrars
- GoDaddy service to let you block domains in over 650 TLDs
- Did I find a murder weapon in a zone file?
- ICANN drops the “man” from Ombudsman
- Have your say on police domain takedown powers
- Most registrars are shunning ICANN’s new Whois system
- Nominet to take over .gov.uk
Greek .eu domains to be deleted
EURid has started warning registrants that their Greek-script .eu domains will be deleted this year.
The names will no longer work after November 14, the company said yesterday.
It’s part of the registry’s three-year plan to phase out mixed-script internationalized domain names, which are considered poor security practice.
The affected domains are Greek-script IDN.eu names, not IDN.IDN names using the Greek-script .ευ.
.ευ was introduced in 2019, after an amusingly Kafkaesque, yet typically ICANN, decade-long effort to crowbar the ccTLD through its IDN Fast Track rules.
Because EURid had been accepting Greek-script second-level names under its base Latin .eu domain for some time, it grandfathered existing registrants by “cloning” their .eu names into .ευ, albeit with only a three-year lifespan.
There were only 2,694 .ευ domains registered at the end of 2021, so one must assume that the number of domains on the deleting list must be smaller.
CentralNic buys a gTLD and a search engine for peanuts
CentralNic is on the acquisition trail again, picking up a new gTLD and an ancient search engine site for knock-down prices.
The company said today it has acquired .ruhr, as well as a German search site called Fireball, for a total of €600,000 ($678,000).
.ruhr is a geographic gTLD, currently restricted to German residents, covering the Ruhr valley region, a sprawling metropolitan area in the west of the country with multiple major cities including Dortmund and Essen.
The gTLD has about 10,000 registrations and serves about five million Ruhr inhabitants, CentralNic said.
The registry is currently Essen-based regiodot, which almost certainly spent more applying for the string, what with ICANN fees and consultants, than CentralNic is now paying for it.
While the string is geographic, it did not count as a geographic name under ICANN’s new gTLD rules and does not have a government sponsor. The deal will probably require ICANN approval, however.
CentralNic said operations of .ruhr will be brought in-house. It already runs the back-end for the similar geo .saarland.
German readers of a certain age may remember Fireball. It was quite popular there in the 1990s, but was one of the first wave of search engines to fade away with the rise of Google. It was once owned by Lycos, which gives you an idea of its vintage.
Nowadays, it’s a bare-bones site that uses Bing for its search results and appears to use Google for its advertising.
CentralNic said combined revenue for the two companies was €200,000 with EBITDA of €100,000, and that the deals will immediately boost its own results.
It said it expects its 2022 financial performance to come in ahead of what analysts currently expect and expects to provide an update at the end of the month when it reports its 2021 numbers.
PIR to offer industry FREE domain abuse clearinghouse
The DNS Abuse Institute will soon launch a free service designed to make it easier to report abuse and for registries and registrars to act upon it.
The Institute, which is funded by .org manager Public Interest Registry, is working on a system provisionally called CART, for Centralized Abuse Reporting Tool, an ambitious project that would act as a clearinghouse for abuse reports across the industry.
The plan is to offer the service for free to reporters and registrars alike, with a beta being offered to registrars late next month and a public launch hopefully before ICANN 74 in June.
DNSAI director Graeme Bunton said that CART is meant to solve the “mess” of current abuse reporting systems.
For abuse reporters, the idea is to give them a one-stop shop for their reports, across all gTLDs and registrars. CART would take their complaints, normalize them, furnish them with additional information from sources such as Whois records and domain block-lists, and shunt them off to the registrar of record.
“Registrars get boatloads of abuse reports every day,” Bunton said. “Hundreds to thousands. They’re often duplicative, often unevidenced — almost always. There’s no standardization. So they’re having to spend a lot of time reading and parsing these abuse reports.”
“They’re spending a huge amount of time triaging tickets that don’t make the internet any better,” he said. “It felt like trying to solve this problem across every individual registry and registrar was not going to work, and that a centralizing function that sits in the middle and absorbs a lot of the complexity would make a real difference, and we’ve been working towards that.”
CART reporters would be authenticated, and their reports would be filed through forms that normalized the data to make them easier for registrars to understand. There will be “evidence requirements” to submit a report.
“It’s a common lament that the abuse@ email that registrars have to publish are filled with garbage,” Bunton said. “This is intended to clean that up, as well as make it easier for reporters.”
Registrars will be able to white-label these forms on their own sites, replacing or adding to existing reporting mechanisms, which will hopefully drive adoption of the tool, Bunton said.
Registrars will be able to use an API to pull the abuse feed into their existing ticketing workflows, or simply receive the reports via email.
The plan is to send these enhanced reports to registrars’ publicly listed abuse@ addresses, whether they opt into the CART system or not, Bunton said.
One feature idea — possibly in a version 2 release — is to have a reputation-scoring function in which registrars can flag reporters as reliable, facilitating on-the-fly “trusted notifier” relationships.
While the DNSAI is focusing to the industry definition of “DNS abuse” — phishing, pharming, malware, botnets and a subset of spam — the plan is to not limit reporters to just those categories.
Copyright infringement claims, for example, would be acceptable forms of abuse report, if the registrar enables that option when they embed the CART forms on their own sites.
CART will most likely be renamed to something with “better mass-market appeal” before it launches, Bunton said, but there will be no charge to reporters or registrars.
“This is all free, with no plans to do cost-recovery or anything like that,” he said.
While Bunton didn’t want to comment, I think it’s unlikely that these projects would be going ahead, at least not for free, had PIR been turned into a for-profit company under its proposed acquisition by Ethos Capital, which was blocked by ICANN a couple of years ago.
A second project DNSAI is working on is called Intelligence.
This will be somewhat similar to ICANN’s own Domain Abuse Activity Reporting (DAAR) system, but with greater granularity, such as giving the ability to see abuse trends by registry or registrar.
The current plan is to have a preview of Intelligence available in June, with a launch in July.
Surprising nobody, Verisign to raise .com prices again
Verisign has announced its second consecutive annual price increase for .com domain names.
The wholesale registry fee for .com names will rise from $8.39 to $8.97 on September 1 this year, an extra $0.58 for every new or renewing domain, of which there are currently over 160 million.
Verisign announced the move, which was expected, as it announced a 2021 profit of $785 million and a 65.3% operating margin.
CEO Jim Bidzos, speaking to analysts, played down the impact of the increases on .com registrants, pointing out that .com prices were frozen under the Obama administration and have only gone up once before, last year, since 2012.
“This is the second wholesale price increase for COM since January of 2012,” he said. “So, if you look back over the last 10 years, that translates into a cost increase of only 1.3% CAGR over the last ten and a half years actually.”
The current .com contract, signed off by the Trump administration and ICANN, allows for two more 7% annual price increases, excluding the just-announced one, but Bidzos would not say whether Verisign plans to exercise those options.
If it does (and it almost certainly will) it would raise the price to $10.26, where it would stay until at least October 2026, he said.
“We believe .com continues to be positioned competitively,” he said.
It’s still basically free money for Verisign, which saw strong fourth-quarter and full-year 2021 results.
The company yesterday reported revenue of $1.33 billion for 2021, up 4.9%, with net income of $785 million, down from $815 million. The operating margin was 65.3%, compared to 65.2%.
For the fourth quarter, revenue was up 6.3% to $340 million, with net income of $330 million compared to $157 million. Operating margin was 65.3%, compared to 63.9%.
For 2022, the company is guiding for revenue of between $1.42 billion and $1.44 billion, based on the price increases and predicted unit growth of between 2.5% and 4.5%. The operating margin is expected to be between 64.5% and 65.5%.
Bidzos also addressed the controversial .web gTLD, which it won at auction but has been unable to launch due to legal action pursued by rival bidder Afilias/Altanovo.
An Independent Review Process panel recently threw a decision about .web back at ICANN, which is now considering Afilias’ allegations of wrongdoing at the board level.
“ICANN looks to be moving forward with making the decision on the delegation of .web, and we will be monitoring their process,” Bidzos said. He said that Verisign has not budgeted for any revenue or costs from .web in 2022.
That’s probably wise. Afilias recently told us that it has not stopped fighting against Verisign’s .web win.
auDA ramps up marketing for direct .au launch
Australian domain overseer auDA has started national advertising for its second-level .au registration launch next month.
The organization said today it has started running television, radio, outdoor and digital ads, and will continue to do so through to November.
Second-level .au domains become available March 24, on a first-come, first-served basis if there are not already matching third-level domains.
If there’s a matching .com.au or .net.au, registered before February 4, 2018, applications for the 2LDs will be handled via a priority allocation process that runs for six months.
auDA’s marketing campaign focuses on five keywords that have a general meaning in English and also a unique or somewhat distinctive meaning in Australian English: station, pavlova, gummy, stoked and stubby.
A “gummy” could mean a type of confectionery, but “gummy.au” could refer to a type of shark that stalks Aussie waters, for example.
Microsites have been launched for each keyword, but they’re not all resolving for me yet.
Is the .sucks mass-cybersquatting experiment over?
The Everything.sucks experiment is mass-cybersquatting .sucks domains may be over and done with.
Thousands of .sucks domains have been deleted in a huge junk drop, newly created domains at Everything.sucks’ registrar of choice have dried up, and there have been no new UDRP cases filed in months.
Everything.sucks, you may recall, is a wiki-style web site where thousands of famous brands and public figures have pages populated by content scraped from third-party sites discussing, on the rare occasion when the scraping works, how terrible they are.
When the site emerged in 2020, it was a redirect destination for around 2,000 .sucks domains that exactly matched those brands. You typed jackdaniels.sucks into your browser, you wound up at the Jack Daniels page at Everything.sucks.
Various attempts were made at monetizing these names by persuading the brand owners to purchase or transfer them for fees measured in the hundreds, or more usually thousands, of dollars.
The domains were registered to a Turks & Caicos company called Honey Salt and a likely fictitious individual named Pat Honeysalt or Pat Collins. The registrant has fought 21 UDRP cases, most of which it lost, since July 2020.
There hasn’t been a UDRP complaint filed against a .sucks domain since November 2021, and this may be because most of Honey Salt’s domains were only registered for one year and have since expired and dropped.
Registry transaction reports filed with ICANN by .sucks registry Vox Populi show the registrar Rebel.com — Vox’s sister company and Honey Salt’s registrar of choice — deleted 2,179 .sucks domains in September 2021.
That’s very close to the 2,184 one-year adds Rebel recorded in June 2020.
The most likely interpretation of this data, in my view, is that it’s Honey Salt’s first junk drop — the company let the domains go on expiry having failed to sell them to the brand owners and failed to convince UDRP panels that it wasn’t cybersquatting.
At least couple thousand more .sucks domains were registered via Rebel over the year to June 2021, most likely to Honey Salt, but since then the registrar has been selling no more than two or three new .sucks domains per month.
It looks like Honey Salt stopped buying .sucks domains in bulk several months ago.
And zone files show that the total number of active .sucks domains has continued to decline by the thousands since Vox’s last transaction report, from an August 2021 peak of over 13,000, to fewer than 9,000 today.
If these trends continue, it looks like the experiment in mass cybersquatting might be over by the third quarter, when Honey Salt’s last remaining .sucks domains drop.
UDRP panelists and yours truly have speculated that Vox/Rebel and Honey Salt are probably affiliated, because the registry/registrar are the only parties that stood to benefit from Everything.sucks’ monetization techniques, but Vox has denied a connection.
.eu grows in Q4 after silly growth in Portugal
The .eu ccTLD ended a lumpy 2021 with more domains than at the start, according to the registry’s latest quarterly report.
.eu ended December with 3,713,804 .eu, .ею and .ευ domains under management, up from 3,705,728 at the end of September and 3 684 984 at the end of 2020, according to EURid.
The growth was driven by a ludicrous 23.4% increase in the number of registrations coming from Portugal — .eu domains registered there increased by 30,553 during the quarter, 55,388 during the year, ending the year at 161,283 names.
Portugal had fewer than 50,000 .eu names at the end of 2019. It is believe the Portuguese surge has been driven by registrar pricing promotions and one wonders how sustainable the growth is.
Elsewhere, the number of regs coming from the UK — which is no longer eligible for .eu names due to Brexit — were 3,751, up from 3,714 in September.
The number of domains registered to EU citizens not resident in the EU was 19,591, up from 16,676 at the end of Q3.
Court denies .sucks trademark bid
Vox Populi Registry has lost its ballsy bid to have its .sucks brand trademarked in the US.
The US Court of Appeals for the Federal Circuit yesterday denied Vox’s latest appeal in its fight with the Patent and Trademark Office, which had rejected two .sucks trademark applications in 2018.
Vox had tried to register the string .sucks itself and also its stylized logo, in which “.SUCKS” appears pixelated. Both were rejected, but the registry appealed on the logo application.
It’s one of a great many trademark attempts by actual and wannabe gTLD registries to be rejected by the USPTO, which usually finds that the marks do not act as “source identifiers”.
The court instead found that people and companies, including registrars, “use .SUCKS to refer to a product being sold to the public rather than as an identifier for Vox’s services”.
In this case, Vox tried to show that it had crossed the line into service mark partly on the basis that its two leading registrars filed declarations swearing it is a distinctive service mark.
Showing that Vox’s chutzpah knows no depths, one of those registrars was its own sister company, Rebel, which is also owned by Momentous. The other was Uniregistrar, years prior to its acquisition by GoDaddy.
But the USPTO wasn’t buying it, and the Federal court agreed with its analysis.
The court also agreed that the stylized .sucks logo was not distinctive enough — too “ordinary” — to allow it to be trademarked.
The case has a layer of irony as .sucks’s biggest customer is a serial cybersquatter that some UDRP panels have speculated is connected to the registry itself.
Read the decision (pdf) here.
Over 6,000 Brexit domains snapped up after mass delete
EURid saw about 6,000 .eu domain names that formerly belonged to Brits re-registered in the first day after a mass delete at the start of the month.
“Around 6000 Brexit-related domain names were re-registered during the first day, and around 6500 as of today,” a registry spokesperson said.
EURid had released around 48,000 domains in batches on January 3, so the portion of domains considered valuable enough to snap up was about 13.5%.
The domains had belonged to UK citizens who no longer qualify for .eu after Brexit came into effect a year ago.
Registrants had been given many chances to retain their names by transferring them to an entity in the remaining EU and EEA states, or to an EU/EEA citizen residing in the UK.
There were almost 300,000 .eu domains registered in the UK at the time of the Brexit referendum in 2016.
.xxx shows up in botnet top-five TLDs for the first time
It is a truth universally acknowledged that the cheaper a TLD, the more likely it is to be abused by bad actors, and that may be what happened to .xxx in the fourth quarter.
SpamHaus listed .xxx as its fourth most-abused TLD for botnet command and control domains in its newly published Q4 statistics, a new entry on the top 20 table that raised researchers’ eyebrows.
From zero, .xxx went up to 223 C&C domains in the period, sandwiched between .ga’s 143 and .xyz’s 396, SpamHaus said. It worked out to 2.4% of .xxx’s active domains, the compamny said.
.com was of course still the runaway leader, with 3,719 C&C domains. .top came in second, with 715 domains.
SpamHaus said:
We don’t often see new TLD entries within the top five of this Botnet C&C Top 20; however, .xxx, an adult TLD, run by registry ICM, has entered at #4. With less than 10,000 active domains but a total of 223 domains associated with botnet C&C activity in Q4 we can only assume that there are problems.
It’s noteworthy because .xxx is not a cheap TLD. With wholesale prices around $60, they usually sell for around $100 a year. Botnet operators, like other types of malefactor, usually choose cheap domains for their activities.
But in 2021 .xxx was celebrating its 10th anniversary, and at least one company was offering names at a .com-equivalent $10 a year, starting in the middle of the year and extending into Q4.
While .xxx registry ICM is now owned by GoDaddy, it was still part of MMX at the time the pricing promotion began.
Recent Comments