.TOP promises to play nice on DNS abuse

.TOP Registry is off the ICANN naughty step, almost a year after it became the first registry to be hit by a public contract-breach notice over ICANN’s latest rules on DNS abuse.

The Org took the highly unusual step yesterday of publishing a blog post drawing attention to what it clearly sees as a big Compliance win, ahead of its public meeting in Prague later this month, at which abuse will no doubt, as usual, be a key discussion topic.

ICANN said that it has been working with .TOP for months to put in systems aimed at reducing the abuse of .top domains. It posted:

.TOP Registry expressed its commitment to maintaining compliance with the DNS Abuse obligations and continuously strengthening its abuse detection and mitigation processes through newly established collaboration channels and a structured approach designed to drive ongoing enhancement. ICANN Compliance acknowledged that the remedial measures were sufficient to cure the Notice of Breach. We noted that future violations of these requirements will result in expedited compliance action, up to and including the issuance of additional Notices of Breach.

Compliance had hit .TOP with the breach notice last year over allegations that it repeatedly ignored abuse reports submitted by security researchers, and that it was ignoring Uniform Rapid Suspension notices.

Security outfit URLAbuse later revealed it was the party that had reported .TOP to ICANN.

.TOP is a Chinese registry that sells mainly via Chinese registrars, typically at under a couple bucks retail. A non-scientific perusal of its zone files reveals that the majority of the many thousands of domains it sells every day are nothing but disposable junk — random strings of characters with no meaning in any language.

While .top is far from alone in that regard, it is the most successful at the abuse-attractive low-price-high-volume business model. Its zone grew by almost 1.2 million domains in the last 12 months — the biggest growth spurt of any TLD — and it has just shy of four million domains today.

Despite this implausibly rapid growth, ICANN says that abuse reports for .top domains started falling in April and there has been a “noticeable decrease in reported abuse”.

The Org says it will “actively monitor the effectiveness of these new [.TOP] systems and processes, the Registry Operator’s abuse rankings and their compliance with the requirements.”

The registry has told ICANN it has already “mitigated” over 100,000 abusive domain names with its new systems and processes.

Launch dates for two more Amazon gTLDs revealed

Fresh from the launch of .free, .hot and .spot, Amazon has pencilled in launch dates for two more of its backlog of dormant gTLDs.

The company has told ICANN it plans to launch .talk and .fast later this year, with sunrise coming in August.

It also seems to be planning to start using .audible, one of its dot-brands, but that would not be available for public registration.

.fast and .talk are set to enter their sunrise periods from August 26 to September 25 this year, according to ICANN documentation. General availability would follow immediately.

If Amazon follows the same playbook as it did with the three gTLDs it launched last month, there would also be a five-day Early Access Period, with premium prices for early adopters.

The May launches have yet to set the world alight, perhaps in part due to their pricing (ranging from $30 to $60 retail), with best-performer .free’s zone file containing just 1,150 domains so far.

Some people paid premiums for .hot domain hacks

Amazon Registry’s launch of three gTLDs last week saw some registrants pay premium prices for .hot domain hacks.

Zone file data shows domains such as moons.hot and slings.hot were registered towards to the end of the five-day Early Access Period, with the registrant likely paying close to a thousand bucks for each.

cums.hot, longs.hot, moneys.hot, mugs.hot, pots.hot and ups.hot have all been registered, seeming by a broad range of registrants, at regular general availability prices since EAP closed May 17.

The EAP was lightly subscribed, if the zones are a guide. There were a handful of defensive registrations towards the end of the week, along with a few context-appropriate keywords like piping.hot.

.hot launched at the same time as .free and .spot, which don’t seem to have the same domain hack opportunities. Most EAP regs there were either defensives or keywords. Names like speak.free and live.free were registered.

As of today, .free is doing the best of the three, with 931 names in its zone, followed by .spot with 373 and .hot with 309.

.hot is for hookers? Amazon’s first premium regs revealed

Amazon Registry made three new gTLDs available to non-trademark-holders on Monday, and so far a handful registrants have taken up the offer of premium Early Access Period pricing.

The five-day EAPs for .free, .hot and .spot see prices start high and decrease each day until May 17, when they’ll settle at standard general availability pricing.

While the wholesale prices have not been published by Amazon, the registrar 101domain was retailing them for $6,299 on day one, $3,299 on day two, $1,399 on day three, $799 on day four, and $199 on day five.

GA pricing for .hot at 101domain will be $59.99, while .free will be $44.99 and .spot will be $29.99.

The early adopter(s) in .hot seem to be viewing it as a sex-related TLD along the lines of .xxx, .sex or .sexy. All the day-one registrations (in multiple languages) look set to be used for escort services.

The domains that popped up for the first time in the May 13 zone files were:

be.free
bible.free
sql.free

acompanhantes.hot
escort.hot
escorts.hot
incontri.hot
prepagos.hot
trans.hot

high.spot
hub.spot

The only new domain in the May 14 zones appears to be live.free. They’re not exactly flying off the shelves so far.

Because the zone files are generated at midnight UTC and Amazon’s EAP daily price-increase cut-off is 1259 UTC, it’s not possible to say for sure how much each registrant paid for their domain names.

Two deadbeat registrars get their ICANN marching orders

ICANN has terminated the registrar accreditation agreements of two Chinese companies, which appear to be under common ownership, because they didn’t pay their bills.

EJEE Group Beijing and VIP Internet Industry are both losing their contracts, effective later this month. Both have common contact details, apparently run by the same person who had another registrar terminated in 2017.

EJEE does its business at category-killer domain domain.cn, though the registration storefront appears to be broken. VIP Internet’s web site appears to be down entirely.

While both companies have sold thousands of domains in their time, both have had just one or two gTLD domains under management for the last 12 months, according to my records. No registrants will be affected, in other words.

ICANN seems to have been chasing the registrars for their overdue fees since March 2023, over two years ago, according to the termination notices.

DotMusic has sold a lot of names, but not many are turned on

DotMusic, the company that started selling .music domains seven months ago, has had a relatively successful launch, but one in four domains sold have not yet gone live.

The latest registry transaction reports show that there were just over 30,000 registered .music domains at the end of January. Registry CEO Constantine Roussos tells us it’s over 31,000 today.

“We have more registrations than any community TLD and it is not even close,” Roussos said.

It’s certainly true that .music is already the largest generic-term Spec 12 Community gTLD from the 2012 application round.

But while 31,000 in six months is a good start for a 2012-round gTLD, there are currently only about 7,500 domains in the .music zone file, showing that about three quarters of names have not been activated.

It’s not the lowest unactivated domains rate in gTLDs — only about 15% of .xxx’s registered names are in its zone file, for example — but it’s pretty low. The similarly-sized .baby has about 84% utilization.

A low utilization rate usually means a high proportion of defensive registrations — registrants have no intention of ever using their domains but want to keep them out of the hands of others — but something different might be going on here.

As a Community gTLD, .music has extra hoops to jump through before registrants can activate their domains.

They have to have their identity and nexus to the music industry verified and obtain a special code called a Music ID from the registry, which can also be used for future registrations.

Roussos said that “the majority of the registrants have never owned a domain name before, which is great news for us”. He added: “My other guess is that most just wait until they are ready to use the domain to get verified”.

He said that many registrants are choosing to take advantage of a feature called SmartPage, which gives bands a template-driven profile page containing basic information and links to their socials and such.

.med is a deeply weird gTLD, but it wants to be more normal

Medistry, the .med registry with a really strange business model, is looking to normalize its practices and start competing with the cluster of healthcare-related gTLDs already on the market.

The gTLD launched in 2016 and had almost 42,000 domains under management at the last count, which may sound like a pretty decent showing for a 2012-round niche registry (comparable to the likes of .beauty and .chat).

But there are a few caveats. For starters, only one non-registry .med domain has been indexed by Google, and it redirects to a .com web site.

Delve into the .med zone file, and you’ll discover that almost all of those 42,000 domains are 12 characters long and each comprises entirely numbers and hyphens. Doesn’t sound very sexy, does it?

Furthermore, delve into the Whois, and you’ll discover that all of those domains are registered via the registry’s in-house registrar, Name Share, to an entity affiliated with the registry itself.

A couple of years ago, having not sold more than a handful of .med domain names (I’ll get to the reasons for that in a moment), Medistry seems to have decided to reinvent .med as a directory for medicines.

In the US, all human medicines approved by the Food and Drug Administration are given a National Drug Code, a 10-digit unique identifier that the manufacturers are required to print on the packaging.

So, the domain name 55150-250-50.med refers to a bupivacaine hydrochloride injection, a surgical anaesthetic made by Eugia US LLC. Almost all .med domains follow this three-part NDC structure.

The domains seem to have been registered in service of Trust.med, another entity affiliated with the registry, which says it offers supply chain management services to the US healthcare industry.

Why the DNS is the best place to store this NDC information isn’t clear to me. All the .med names I checked came back NXDOMAIN and were marked as pendingDelete in the Whois despite being months away from expiration.

So… Plan C? Sell .med domains to any Tom, Dick or Harry who wants one, on a first-come, first-served basis.

Medistry says that, as of now:

A registrant of a .med domain name can be an individual or organization. All available domain names in .med are approved for registration on a first come, first serve basis through .med accredited registrars. .med domain names can also be purchased in the domain name aftermarket.

That’s hell and gone from the mission outlined in Medistry’s 2012 new gTLD application and its current Registry Agreement with ICANN, both of which outline some of the harshest registration restrictions of any TLD.

Its current ICANN contract states, in the Public Interest Commitments:

The lone method of domain name allocation in the TLD will be by Request for Proposal (RFP) under guidelines, rules and criteria as set forth by the Advisory Board in its sole discretion.

RFP for domain name registration in the TLD will be reviewed for approval by the Advisory Board, in its sole discretion, independent of Registry Operator.

PICs are enforceable by ICANN Compliance under the rarely used PIC Dispute Resolution Process, should there be a view that a registry is violating the contract.

Could Medistry be heading into stormy waters with Compliance? The company does have form in that regard — it’s owned by the same people who run .jobs registry Employ Media.

Employ Media got into a protracted fight with ICANN in 2012 over a service called Universe.jobs, which saw it register 40,000 generic .jobs domains to a close partner in order to turn the gTLD into a structured taxonomical jobs board.

ICANN thought the service was a breach of the .jobs RA and the two parties ended up in arbitration. ICANN eventually let Universe.jobs go ahead but it fizzled out a few years later when Employ Media came to blows with its partner.

Is history repeating itself with .med’s sudden change of business model?

Medistry says that full general availability for .med names will begin on September 2, but it’s telling registrars (pdf) they can “Pre-Register any domain to guarantee registration beginning on September 2” by emailing them a list of names.

It’s also looking to on-board more registrars. As of the end of January, the only registrars to ever sell a .med domain were owned by the registry. It uses Nominet as its back-end.

.med would compete against the likes of .doctor, .surgery, .health and .clinic.

.es and .pt riding out massive power outage

A lesson in the importance of redundancy in your DNS architecture?

The ccTLDs for Spain and Portugal seem to be largely unaffected by an ongoing power cut that has seen both countries go into blackout (metaphorically) for the last several hours.

At time of writing, no explanation for the outage, which has also affected parts of France, has been given by authorities. Traffic lights, public transport, airports, radio stations and telecommunications networks have all reportedly been affected.

But .es and .pt domains appear to be resolving just fine, at least from where I’m sitting.

Both registries — DNS.pt and Red.es — have DNS resolution services distributed across multiple nameservers managed by multiple providers in multiple global locations.

As well as at home in Lisbon, .pt’s nameservers can be found as far afield as California and Brazil through partners Packet Clearing House and Nic.br. Red.es also uses PCH in California, though its remaining nodes are in Madrid.

Any data center worth a damn has an uninterruptable power supply and backup generators, so one assumes the local DNS nodes are up and running too.

DNS.pt has posted a notice on its web site saying that customer services are currently unavailable due to “circumstances beyond our control”.

It’s not clear if other registry systems have been affected by the outage, but presumably with a total lack of electricity registrants have more pressing things to worry about, like how to get home from work and whether the food in their freezers will be edible when they get there.

.com is back as Verisign discounts bear fruit

Verisign’s .com returned to growth in the first quarter after the company offered its registrars marketing programs that substantially discounted the retail price of domains.

The company ended the quarter with 169.8 million .com and .net domains under management, a 777,000-name increase on the end of 2024. It’s the first time it’s reported quarterly DUM growth in almost two years.

While the company did not break out the split between the two TLDs, my records show that .com’s zone file grew by about 800,000 names during the quarter, while .net’s shrank by about 100,000.

Verisign has now upgraded its guidance for DUM growth this year to between a 0.7% decrease and a 0.9% increase, the first time its guidance has had a top-end in positive territory in some time. In February, it guided at between negative 2.3% and negative 0.3%.

The major reason for the reversal of fortunes is the program of discounts that have seen some registrars sell .com domains to customers recently for less than half of the usual $10.26 wholesale price.

“It’s still early, but we do see signs of registrars shifting towards customer acquisition, and we also see more registrar engagement with our marketing programs,” CEO Jim Bidzos said on an earnings call with analysts tonight.

In previous quarters last year, the fact that registrars were focused on squeezing more revenue out of their customers, rather than driving new registrations, was blamed for .com losing DUM.

Bidzos said that sales were up across all three of its core geographic markets — the US, EMEA and Asia-Pacific. On previous calls, North America and China were noted for weaknesses.

If there’s any reason to believe that the guidance is cautious, it’s because of what Bidzos and analysts euphemistically referred to as “the macro”, or “macro-economic situation”.

At this particular point in history, that’s code for US President Donald Trump’s erratic behavior with regard to world trade and tariffs, that has spooked economies globally. It’s not at all clear yet how this crisis might affect the domains market.

Verisign reported net income of $199 million for the quarter, up from $194 million a year ago, on revenue up 4.7% at $402 million. Operating income was up from $259 million to $271 million

The company, which has to date mainly been rewarding investors with share buybacks, has now also started issuing quarterly cash dividends. This quarter, they’re all getting $0.77 per share.

Dot-brand actually being used to get deleted

A Chinese clothing company has asked ICANN to delete its dot-brand gTLD, despite the fact that it is being used for web sites and email.

Redstone Haute Couture wants rid of .redstone, which has been in active use for almost a decade.

My database shows that it has about a dozen names, most registered in 2016 and most of which resolve, not redirect, to web sites.

Several have MX records, suggesting they are or were being used for email too.

No reason was given for Redstone’s request. The brand itself doesn’t seem have been retired, though the company is perhaps better known for its product lines such as Giada and Curiel.

The company was using ZDNS as its back-end registry services provider.