MarkMonitor infiltrated by Syrian hackers targeting Facebook

The corporate brand protection registrar MarkMonitor was reportedly hacked yesterday by the group calling itself the Syrian Electronic Army, in an unsuccessful attempt to take out Facebook.
While MarkMonitor refused to confirm or deny the claims, the SEA, which has been conducting a campaign against high-profile western web sites for the last couple of years, tweeted several revealing screenshots.
One was a screen capture of a DomainTools Whois lookup for facebook.com, which does not appear to have been cached by DomainTools.

Happy Birthday Mark! http://t.co/yWBwvXPGRZ owned by #SEA http://t.co/gk8nGxATLt pic.twitter.com/eAeGp1TvBF

— SyrianElectronicArmy (@Official_SEA16) February 5, 2014

Another purported to be a cap of Facebook’s control panel at the registrar.

MarkMonitor Administration Panel. #SEA pic.twitter.com/7zDbUxHbYJ

— SyrianElectronicArmy (@Official_SEA16) February 6, 2014

The SEA tweeted more caps purporting to show it had access to domains belonging to Amazon and Yahoo!.
In response to an inquiry, MarkMonitor rather amusingly told DI “we do not comment on our clients — including neither confirming nor denying whether or not a company is a client.”
This despite the fact that the company publishes a searchable database of its clients on its web site.
The attackers were unable to take down Facebook itself because the company has rather wisely chosen to set its domain to use Verisign’s Registry Lock anti-hijacking service.
Registry Lock prevents domains’ DNS settings being changed automatically via registrar control panels. Instead, registrants need to provide a security pass phrase over the phone.

Comment Tagged: facebook, markmonitor, registry lock, syrian electronic army, verisign

Track new gTLD growth on DI PRO

DI PRO subscribers from today can track daily changes in new gTLD registration volumes.
The New gTLD Zone File Report is a simple, sortable table showing how each new gTLD has performed over the last 24 hours.
It’s the database I’ve been using for DI’s analysis of Donuts’ landrush numbers over the last week, but I’ve received a few requests to make the data available in a more structured way.

The data is also being incorporated into the next TLD Health Check update too, enabling longer-term views and interactive charts. More on that in due course.
DI PRO subscribers also receive access to the New gTLD Application Tracker, a calendar of crucial new gTLD launch dates, the New gTLD Collisions Database and many more useful services.

1 Comment Tagged: di pro, new gTLDs

Yes, there is cybersquatting in new gTLDs

With new TLDs, comes cybersquatting. It’s inevitable. And it’s also true of the new gTLDs that hit general availability this week.
The question of what is or is not cybersquatting is best left to a judge or UDRP panel, of course, but I’ve already come across plenty of newly registered domains that I do not believe would pass the UDRP test.
Sifting through select Whois records of domains that were registered in Donuts’ first seven gTLDs over the last few days, and without leaving the A’s, I’ve found the likes of: adidas.clothing, americanapparel.clothing, akamai.guru, americanexpress.guru. appleservice.guru and accenture.ventures.
Delving a little deeper into .clothing, I see the likes of kanyewest.clothing, ralphlauren.clothing, kardashiankollection.clothing, lauraashley.clothin, michaeljordan.clothing and more.
One Los Angeles clothing store appears to have registered several .clothing domains matching brands it does not own, possibly unaware that such behavior is frowned upon.
While there could be legitimate uses of the names I’ve highlighted here, possibly, they all appear to me to be registered to people unaffiliated with the referenced brands or celebrities.
I found more that are registered behind Whois privacy services, where it’s not possible to tell whether the domain belongs to the brand or not. Domains such as ibm.guru and ibm.ventures use Whois privacy, yet resolve to the IBM web site.
Cases of obvious UDRP losses seem to be few and far between, however. The vast majority of domains registered in these new gTLDs this week seem to be straightforward generic terms.
While I’m using the UDRP sniff test to highlight domains I feel may be cybersquatting, there’s a new process in town when it comes to disputes: the faster, cheaper Uniform Rapid Suspension policy.
URS has a higher burden of proof — “clear and convincing evidence” of bad faith registration and use — and it’s not yet clear how panelists will handle these cases.
There’s only been one URS case to date, that of facebok.pw, in which the domain was suspended following a complaint by Facebook.
In that case, Facebook was able to show bad faith by presenting the panelist with a list of other typo domains the respondent had registered.

2 Comments Tagged: .clothing, cybersquatting, donuts, new gTLDs, trademarks, uniform rapidsuspension, urs

First eight gTLDs have 26,000 names so far

Well, we now have a new gTLD domain name market.
After n years of debate, policy-making, delay, application, testing, delegation and newfangled launch processes, there are eight new gTLDs that are open for business.
Donuts yesterday opened up its first seven gTLDs to their ‘proper’ general availability — by which I mean landrush pricing is no longer applicable.
At more or less the same time its second seven — .lighting, .equipment, .graphics, .photography, .camera, .estate, and .gallery exited their sunrise periods and went into their Early Access Program.
Meanwhile, dotShabaka Registry’s شبكة. (“.web” in Arabic) came out of its more opaque landrush period with several hundred new registrations.
Together, these 15 gTLDs have 26,199 registrations so far, based on the names active in their zone files today. The eight fully live gTLDs have 25,575, almost half of which belong to Donuts’ .guru.
[table id=25 /]
The zone files are generated at about 0100 UTC and therefore do not represent the full first day of Donuts newly-GA gTLDs, but it’s clear that .guru is the domainer’s favorite so far.
The numbers are a long way off pretty much every new TLD launch we’ve seen to date.
Compare to .mobi, which had over 110,000 names at the end of its first week; .co, which sold 216,159 in its first 16 hours; or .xxx, which sold 55,367 names on day one.
Even Radix said it sold 4,000 .pw names in its first three hours and 50,000 in the first three weeks.
It should also be pointed out that none of the Donuts gTLD numbers include purchases of Domain Protected Marks List blocks, which do not show up in zone files.
That fact eliminates much of the noise from defensive registrations that we see in almost every other TLD.
For buyers (as opposed to blockers) market conditions are obviously different now too — a single TLD launching was once an event, the temporary alleviation of scarcity, whereas today Donuts alone expects to launch half a dozen every week for months.
And the Latin strings that have been launched so far don’t exactly capture the imagination, with .guru the possible exception.
Donuts’ portfolio, in my view, is based more on securing greenfield opportunities in vertical markets (plumbing, cameras, etc) rather than mining domain investors’ wallets on launch day.
One of the keys to the success of these things longer term is going to be how much use they get — when internet users start visiting new gTLD sites and seeing new gTLD URLs on billboards, momentum will build.

15 Comments Tagged: donuts, dotshabaka, eap, early access program, landrush, new gTLDs

Donuts made about $750,000 from landrush so far

Donuts managed to sell well over $500,000 in new gTLD domain names over the first six days of its Early Access Program, according to our calculations.
Our estimate, which is somewhere between back-of-the-envelope and hard analysis, is based on the latest zone files for its first seven live gTLDs — .bike, .clothing, .guru, .ventures, .holdings, .plumbing and .singles.
The exact number I believe is somewhere closer to $750,000, but it’s actually quite difficult to pin down the exact value of domains sold to date due to the complexity of the Donuts pricing scheme.
Zone files show that as of last night Donuts had sold at least 3,650 names across all seven of its new gTLDs currently on the market.
That’s including sunrise sales and the first six days of the novel EAP, which saw buy-now prices decrease every day for a week, but not including its Domain Protected Marks List blocks.
My revenue estimates are for EAP only, ignoring sunrise.
Donuts’ EAP fee started off at $10,000 on January 30, then was reduced to $2,500, $950, $500 and $100 every day. It’s been at $100 for the last few days and will revert to baseline prices tomorrow at 1600 UTC.
So by figuring out the registration date you can figure out how much the name sold for, kinda.
Domain Name Wire managed to establish last week that the company sold six three domains at $10,000.
Based on a few hundred additional Whois look-ups, DI has found that the company sold at least 120 names during EAP at at least $500 each, at least 150 at at least $950, and at least 25 at at least $2,500.
That would bring the total haul for the first few days of EAP fees to about $300,000.
Add all this to roughly $200,000 worth of names that have appeared in the zone files since the fee dropped to $100, and we get to about $500,000 in total EAP fees, not including sunrise names.
Add in the baseline registry fees and you get to something like $550,000.
However, Donuts has also priced many attractive names at a “baseline” premium. That means when regular pricing commences tomorrow, premiums will still cost more than regular names in each TLD.
A registrant told us today that gun.guru will costs him about $400 a year to renew. That’s the baseline price. Judging by the date, he paid $950 in EAP fees and Go Daddy’s registrar markup too.
There’s no way to easily figure out what the premium pricing was after a domain has already been sold, which makes it difficult to calculate Donuts’ landrush windfall, but I believe it’s in the region of $750,000 so far, with a day yet to run.
It’s an estimate of the revenue from EAP’s first six days, only counting first-year fees.
It also requires the same caveats as usual: we’re using zone file data here, which does not present a full picture of the number of names sold.
If the pricing scheme seems confusing to you, you’re not alone.
There wasn’t a great deal of participation by registrars in the EAP, due to concerns about the high prices, implementation work, and complexity causing confusion among customers.

@DomainIncite Mostly because the pricing is confusing to customers. We'll roll them out in search along with other extensions on the 5th.

— Hover CS (@hoverCS) January 29, 2014

@DomainIncite The amount of customization required for the EAP & high cost does not make it feasible to market / implement.

— Lexsynergy Limited (@LexsynergyLtd) January 29, 2014

Several registrars seem to be treating tomorrow’s price drop as the “proper” general availability launch date for the seven gTLDs concerned.
Go Daddy, which has had new gTLDs in its storefront for the last couple months, seems to have got the majority of registrations, as you might expect. Almost a quarter of names appearing in zone files over two days last week were registered via its Domains By Proxy privacy service.
That said, its Super Bowl commercials on Sunday do not appear to have made a significant impact, focused as they were on branding Go Daddy rather than any TLD offering.

15 Comments Tagged: .guru, donuts, eap, early access program, go daddy, landrush, new gTLDs

Meet the first new gTLD domainer

Gary Schultheis has bought hundreds of new gTLD domain names already and plans to buy thousands more this year.
The former venture capitalist doesn’t consider himself a domainer, but analysis of Whois records and zone files over the weekend shows he very likely spent more than anyone on Donuts’ seven newly launched gTLDs.
At one point he owned about 10% of the .guru zone.
Schultheis’ new company, ii.org, is betting big — and long-term — on being able to sell from a large a portfolio of new gTLD names, he told DI today.
Right now, his investments are concentrated on .guru, where he says he’s picked up “hundreds” of names already.
DI research shows ii.org spent roughly $30,000 on a couple dozen generic .guru names in a single day last week, including exercise.guru, medical.guru, socialmedia.guru and divorce.guru.
“We’re not from the domain industry,” Schultheis said. “Folks I’m working with are either from the financial industry or the data industry. We’re looking at this from a smart, data-driven, black-box methodology.”
Most recently, Schultheis was president of TLO.com, a company that provided background research and risk management data services. He says that’s informed his strategy with ii.org.
“I like to take vast amounts of data and make decisions based on actual data, rather than speculation and guesses,” he said. “We may buy one-offs based on news-driven events but we try not to act emotionally.”
He’d rather not talk about the specifics of the company’s algorithms, but said they were tested out to create a portfolio of .com names, with mixed results.
Flipping some of these .com names will provide operating revenue, he said, adding that he has access to potentially millions of dollars in funding due to his previous work.
“If we have some .com’s that are industry or location specific, we have enough confidence we can sell those easily for cash flow,” he said.
“Our strategy is not to buy a million dollar domain and try to sell it for two million dollars, we’re going to buy things that will turn quick or have the potential for a massive multiple in future.”
But revenue from new gTLD sales may not come for years, he said.
“We have a five-to-ten year window on these and don’t care if we don’t sell any of these for years,” he said.
With that in mind, part of the risk of investing in “premium” strings with Donuts — which has earmarked many generic words for higher renewal pricing — is the high carrying cost.
“Click traffic is not going cover the renewal costs of these name,” Schultheis said. “gun.guru is going to cost me $400 a year to carry.”
Schultheis said as a venture capitalist in the 1990s he became aware of .com names and started buying up his own. That became International Internet Inc, which was publicly listed in the late 1990s.
Schultheis said the company (from which ii.org gets its name) was worth a billion dollars at one point, though it seems to have gone out of business around the same time as the .com bubble burst.
Now, he reckons new gTLD names will start to acquire Google juice before long.
“We own computer.guru,” he said. “If you type in ‘computer’ into Google now I believe .com’s will outrank it, but I believe over time that with the Google algorithm becoming more specific when you type in ‘computer’ as it relates to an expert it’s possible we could be as strong as .com.”
Of the seven ASCII gTLDS currently on the open market, .guru is the only one ii.org has touched. Schultheis said. In future, he intends to concentrate on where he feels the big-money buyers are.
“We’re very interested in some of the city names,” he said. “But ones like .sexy and .ninja are more for a college-age person, and I don’t feel that the audience there will show the return we’re looking for.”
By contrast .guru speaks to executive types and companies with money to spend, he said.
Without naming names, he said some other gTLDs confuse him.
“With some of these TLDs we really scratch our head and say ‘What were they thinking?'” he said. “There are dozens of these things where I don’t know how they’re going to pay the bills.”
As for ii.org’s outlook, Schultheis said its portfolio is going to be a mix of assets that he thinks could be sold quick and others that are long-term plays.
“We know we’re early. Everyone wishes they could go back to early 90s and buy up all the .coms they could,” he said. “But I also own some .mobi’s so I know you can also be wrong.”

21 Comments Tagged: .guru, donuts, ii.org

Nominet names the date for shorter .uk addresses

Nominet is to start selling .uk domain names at the second level for the first time on June 10 this year.
The controversial Direct.uk service will enable people to register example.uk names, rather than example.co.uk names.
If you already own a .co.uk name, you’ll get five years to register the matching .uk before it is released into the pool of available names.
Nominet has created a new web site to market the sea-change in how .uk names are administered.

1 Comment Tagged: .uk, direct.uk, nominet

TLDH raises $33.6m to fight new gTLD auctions

Top Level Domain Holdings has raised £21 million with an institutional investor share placement to help it win some new gTLD contention set auctions.
Its total war chest following the $33.6 million-ish placement will be about $63 million, albeit with $15 million of that earmarked for a single, as-yet-unspecified auction.
The company is currently in 43 contention sets, most of which it apparently wants to resolve via private auction. TLDH said in a statement:

The Company believes private auctions provide a significant opportunity for the Company both to increase the number of high-value gTLDs within its portfolio and to generate cash from those gTLDs which it chooses to relinquish. Under the private auction process, the winning bid is divided equally and paid to the losing applicants net of the auctioneer’s fees.

As part of TLDH’s transition from a revenue-free penny stock to a trading company, it’s going to change its name to Minds + Machines Limited, via a reverse takeover of its subsidiary of the same name.
The company said the move will help with “stakeholder communications and branding”.
Finally, TLDH said that founding director Guy Elliott is to leave its board of directors and be replaced by new non-executive director Elliot Noss. Noss is of course CEO of rival registry/registrar Tucows.

Comment Tagged: auctions, m+m, Minds + Machines, new gTLDs, tldh, top level domain holdings, tucows

First Donuts new gTLD sunrise periods looking tiny

It’s possible that fewer than 1,200 domain names were registered in Donuts’ first seven new gTLD sunrise periods, judging by the latest zone file data.
According to Donuts zone files dated January 31, just 1,164 proper domain names currently exist in .clothing, .bike, .guru, .ventures, .holdings, .singles and .plumbing.
By TLD, the names break down like this:

.clothing — 560
.holdings — 166
.bike — 146
.ventures — 125
.guru — 117
.singles — 50
.plumbing — 44.

As far as I can tell, based on sample Whois lookups, all the names were registered during the gTLDs’ respective sunrise periods, not during the currently ongoing Early Access Program.
On the face of it, these look like very small sunrise periods indeed (consider .co, which had 11,000 registrations during its sunrise in 2011) but there are number of important caveats here.
First, this data might be wrong. There have been hiccups and glitches in registry zone file provision for weeks, and this might be one of those cases. I don’t think it is, but you never know.
Second, the data might be still incomplete. Names were to be allocated after the conclusion of Donuts end-date sunrise, which was January 24. Not all of these domains might have been allocated yet.
Third, these numbers don’t reflect “dark” domains. These are domain names that are not configured with name servers and therefore won’t show up in DNS zone files.
Fourth, and most importantly, domain names that have been blocked by trademark holders under Donuts’ parallel Domain Protected Marks List service do not show up in zone files.
DPML is the Donuts offering to trademark owners that drastically reduces the cost of blocking a mark — potentially to just a few dollars per domain per year — across all of the company’s gTLDs.
We already know from a bit of Whois detective work by World Trademark Review that the likes of Microsoft, Apple, Wal-Mart and Samsung blocked their brands across all seven of these TLDs.
DPML is a bit of a bargain if you’re dead-set on blocking your brand in as many TLDs as possible, and it’s possible — maybe even likely — that the number of DPML subscriptions outstripped actual sunrise registrations.
It’s a given that most valuable brands are more interested in preventing misuse than they are in participating in the new gTLD expansions — Microsoft has no use for microsoft.plumbing.
Judging by the zone files, domains registered during sunrise are largely appropriate to the gTLD — .clothing and .bike are full of clothing and biking brands, with very little crossover between the two, for example.
But there are plenty of exceptions to that rule.
Some other stuff I noticed
I had a dig through the files and did a few Whois look-ups whenever I saw a name that piqued my interest.
There are no hugely obvious examples of widespread gaming to be seen but some arguably generic names did go to some domain industry folk who have inside knowledge of the new gTLD program.
Notably, several people associated with new gTLD applications managed by Beverly Hills IP lawyer Thomas Brackey of Freund & Brackey seem to have picked up nice-looking generic domains during sunrise.
Luxury Partners of .luxury managed to get its hands on domains including luxury.clothing, for example, while What Box?, which applied for six gTLDs, grabbed realestate.guru and wedding.guru.
That’s right, apparently there are trademarks on “real estate” and “wedding” somewhere out there, and domain registry What Box? was able to provide the required proof that it’s using them in commerce.
Brackey himself is listed as the registrant of cloud.guru and direct.[tld] across the seven gTLDs, among others.
George Minardos of .build applicant Minardos Group acquired build.guru during sunrise too.
I wonder if any sunrise names will be challenged under Donuts’ Sunrise Dispute Resolution Policy.
While .guru has only attracted 117 registered names so far, it does appear to be the one place notoriously domain-shy Apple decided to actually play, presumably due to the support “gurus” it employs in its stores — ipad.guru, mac.guru and iphone.guru all went to the company.
There’s a “religious” flavor to some of the registrations there too — scientology.guru and darshan.guru were both registered by their respective organizations.
Amazon appears to be the most sunrise-happy of all registrants, grabbing dozens of (probably) useless names including kindle.plumbing, prime.ventures and aws.bike.
Some porn publishers seem to have gone a bit crazy too, with names such as m4m.plumbing and cam4.clothing making an appearance.
I found a few domains on my trawl that appear to have empty Whois records — christ.holdings and ghost.bike to name two amusingly appropriate examples — which doesn’t seem to be in the spirit of sunrise.
So there are definitely some oddities out there, but so far it does not appear to me based on my first look that massive numbers of trademark owners have been held to ransom, nor does there appear to have been any wholesale gaming of the system.

23 Comments Tagged: .bike, .clothing, .guru, .holdings, .plumbing, .singles, .ventures, donuts, freund & brackey, luxury partners, new gTLDs, sunrise, trademarks, what box

Directi joins Domain.com family in $100m deal

Endurance International, the holding company behind brands such as Domain.com and HostGator has closed the acquisition of top ten registrar Directi and some related companies.
The acquisition, which was announced last September is worth between $100 million and $110 million — $25.5 million in cash and the rest in shares and a promissory note.
The deal includes Directi properties BigRock (a registrar), ResellerClub (the reseller-focused registrar), LogicBoxes (the registrar management service) and webhosting.info.
It does not include Radix Registry, the company that applied for 31 new gTLDs, 28 of which applications are still active.
Directi CEO Bhavin Turakhia “has agreed to be closely involved in the integration of the two companies”, but it doesn’t sound like he’s taking on a permanent role at Endurance.
Endurance may not be a familiar brand in and of itself, but its businesses include Bluehost, HostGator, Domain.com, FatCow, iPage and Mojo Marketplace.

Comment Tagged: acquisition, directi, endurance, new gTLDs, radix