Latest news of the domain name industry

.blog registry handover did NOT go smoothly

Kevin Murphy, August 29, 2019, Domain Registries

The transition of .blog between registry back-end providers ended up taking six times longer than originally planned, due to “a series of unforeseen issues”.
Registry Knock Knock Whois There today told registrars that the move from Nominet to CentralNic took 18 hours to complete, far longer than the two to three hours anticipated.
An “unexpected database error” was blamed at one point for the delay, but KKWT said it is still conducting a post-mortem to figure out exactly what went wrong.
During the downtime, .blog registrations, renewals, transfers and general domain management at the registry level would not have been possible.
DNS resolution was not affected, so registrants of .blog domains would have been able to use their web sites and email as usual.
The migration, which covered roughly 200,000 domains, wrapped up at around 0800 UTC this morning. It seems engineers at the two back-end providers, both based in the UK, will have been working throughout the night to fix the issues.
KKWT reported that the new CentralNic EPP back-end is functioning as expected, but that several days of “post-migration clean-up” are to be expected.
Eighteen hours is more than the acceptable 14 hours of monthly downtime for EPP services under ICANN’s standard Registry Agreement, but below the 24 hours of weekly downtime at which emergency measures kick in.
CentralNic already handles very large TLDs, including .xyz, but I believe this is the largest incoming migration it’s handled to date.
KKWT is owned by Automattic, the same company as WordPress.com.

.icu joins the million-domains club in one year, but spam triples

Another new gTLD has joined the exclusive list of those to enter seven figures in terms of domains under management.
.icu, managed by ShortDot, topped one million names this week, according to COO Kevin Kopas.
It’s taken about a month for DUM to increase from 900,000 names, and if zone files are any guide half of that growth seems to have happened in the last week.
.icu domains currently sell for between $1 and $2 for the first year at the cheap end of the market, where most regs are concentrated, with renewals closer to the $10 mark.
The gTLD joins the likes of .club, .xyz, .site and .online to cross the seven-figure threshold.
When we reported on the 900,000-reg mark at the end of May, we noted that .icu had a SpamHaus “badness” rating of 6.4%, meaning that 6.4% of all the emails coming from .icu addresses that SpamHaus saw were classified as spam.
That score was roughly the same as .com, and therefore pretty respectable.
But in the meantime, .icu’s badness score has almost tripled, to 17.4%, while .com’s has stayed about the same.
Picking through the Google search results and Alexa list for .icu domains, it appears that high-quality legit web sites are few and far between.
Whether that’s a fixable symptom of .icu’s rapid growth — it’s only about 13 months post-launch — or a predictor of poor long-term potential remains to be seen.

XYZ weighs into Epik controversy with .monster fundraising domain

Kevin Murphy, March 21, 2019, Domain Registries

New gTLD registry XYZ.com has set up a domain to help raise money for victims of the terrorist attack in Christchurch, New Zealand last week.
The domain is give.monster. It redirects to a page on Givealittle.co.nz, a Kiwi crowdfunding site, that has so far raised almost NZD 7.8 million ($5.3 million) for the victims of the attack, which killed 50 and injured many more last Friday.
Given the amount of coverage in the New Zealand press, it appears that the fundraising page is legit.
The domain is obviously a reference to Epik.com CEO Rob Monster, who has come in for criticism this week for hosting and sharing the terrorist’s video of the attack, and then suggesting it might be a hoax, as I blogged earlier today.
XYZ is able to create this domain because it is the registry for .monster, a gTLD it acquired last year that is currently slap-bang in the middle of its early access launch period.
Whois records show that the domain was created a little over an hour ago and belongs to XYZ.com LLC.
I learned about it through this comment on DI:

We are sorry to see this in our industry… Please visit http://www.Give.Monster and donate to support victims of the horrific Christchurch shootings. Thank you for your support.

XYZ.com is the registry for .xyz, .college, .rent and other gTLDs. .monster previously belonged to recruitment web site Monster.com.

Phishing still on the decline, despite Whois privacy

Kevin Murphy, March 5, 2019, Domain Policy

The number of detected phishing attacks almost halved last year, despite the fact that new Whois privacy rules have made it cheaper for attackers to hide their identities.
There were 138,328 attacks in the fourth quarter of 2018, according to the Anti-Phishing Working Group, down from 151,014 in Q3, 233,040 in Q2, and 263,538 in Q1.
That’s a huge decline from the start of the year, which does not seem to have been slowed up by the introduction in May of the General Data Protection Regulation and ICANN’s Temp Spec, which together force the redaction of most personal data from public Whois records.
The findings could be used by privacy advocates to demonstrate that Whois redaction has not led to an increase in cybercrime, as their opponents had predicted.
But the data may be slightly misleading.
APWG notes that it can only count the attacks it can find, and that phishers are becoming increasingly sophisticated in how they attempt to avoid detection. The group said in a press release:

There is growing concern that the decline may be due to under-detection. The detection and documentation of some phishing URLs has been complicated by phishers obfuscating phishing URLs with techniques such as Web-spider deflection schemes – and by employing multiple redirects in spam-based phishing campaigns, which take users (and automated detectors) from an email lure through multiple URLs on multiple domains before depositing the potential victim at the actual phishing site.

It also speculates that criminals once involved in phishing may have moved on to “more specialized and lucrative forms of e-crime”.
The Q4 report (pdf) also breaks down phishing attacks by TLD, though comparisons here are difficult because APWG doesn’t always release this data.
The group found .com to still have the most phishing domains — 2,098 of the 4,485 unique domains used in attacks, or about 47%. According to Verisign’s own data, .com only has 40% market share of total registered domains.
But new, 2012-round gTLDs had phishing levels below their market share — 4.95% of phishing on a 6.83% share. This is actually up compared to the 3% recorded by APWG in Q3 2017, the most recent available data I could find.
Only two of the top 20 most-abused TLDs were new gTLDs — .xyz and .online, which had just 70 attack domains between them. That’s good news for .xyz, which in its early days saw 10 times as much phishing abuse.
After .com, the most-abused TLD was .pw, the ccTLD for Palau run by Radix as an unrestricted pseudo-gTLD. It had 374 attack domains in Q4, APWG said.
Other ccTLDs with relatively high numbers included several African zones run as freebies by Freenom, as well as the United Kingdom’s .uk and Brazil’s .br.
Phishing is only one form of cybercrime, of course, and ICANN’s own data shows that when you take into account spam, new gTLDs are actually hugely over-represented.
According to ICANN’s inaugural Domain Abuse Activity Reporting report (pdf), which covers January, over half of cybercrime domains are in the new gTLDs.
That’s almost entirely due to spam. One in 10 of the threats ICANN analyzed were spam, as identified by the likes of SpamHaus and SURBL. DAAR does not include ccTLD data.
The takeaway here appears to be that spammers love new gTLDs, but phishers are far less keen.
ICANN did not break down which gTLDs were the biggest offenders, but it did say that 52% of threats found in new gTLDs were found in just 10 new gTLDs.
This reluctance to name and shame the worst offenders prompted one APWG director, former ICANN senior security technologist Dave Piscitello, to harshly criticize his former employer in a personal blog post last month.

XYZ reveals .monster gTLD launch dates

Kevin Murphy, February 4, 2019, Domain Registries

XYZ.com has quietly unveiled its launch plan for its recently acquired gTLD, .monster.
General availability, with no eligibility requirements, is due to begin April 1.
The 30-day sunrise period is due to begin in just a couple of weeks — February 18.
.monster was acquired late last year from recruitment web site Monster.com, which had intended to operate it as a dot-brand, for an undisclosed sum.
Before the acquisition closed, Monster and ICANN amended the registry contract to cut the special dot-brand terms that would have removed the need for a sunrise period and would have prevented the domain being sold to regular registrants.
XYZ also intends to run a week-long Early Access Period — where premium prices apply — starting March 21.
I quite like the idea of .monster as an open gTLD.
While it’s certainly not going to perform as well volume-wise as .xyz, say, I can see it fitting nicely into the “quirky” niche occupied currently by the likes of Donuts’ .guru and .ninja — not really viable as standalone TLDs, but decent enough as part of a portfolio.
The company is pitching the TLD as “a domain for creative thinkers, masters of their craft, and modern-day renegades.”

Two controversial new gTLDs launching in January

Kevin Murphy, November 13, 2018, Domain Registries

Five years after the first batch of new gTLDs hit the market, registries continue to drip-feed them into the internet.
At least two more are due to launch on January 16 — .dev and .inc.
.dev is the latest of Google’s portfolio to be released, aimed at the software developer market.
It proved controversial briefly when it first was added to the DNS in 2014, causing headaches for some developers who were already using .dev domains on their private networks.
Four years is plenty of time for all of these collisions to have been cleaned up, however, so I can’t imagine many problems emerging when people start buying these names.
.dev starts a one-month sunrise January 16, sells at early access prices from February 19 to 28 before going to regular-price general availability.
Google has already launched one of its own products, web.dev, a testing tool for web developers, on a .dev domain.
Launching with a pretty much identical phased launch plan is .inc, from new market entrant Intercap Holdings, a Caymans-based subsidiary of a Toronto firm founded by .tv founder Jason Chapnik and managed by .xyz alumnus Shayan Rostam.
Intercap bought the .inc contract from Edmon Chong’s GTLD Limited earlier this year for an undisclosed sum. GTLD Ltd is believed to have paid in excess of $15 million for the TLD at auction.
.inc has proved controversial in the past, attracting criticism from states attorneys general in the US, which backed another bidder.
It may prove controversial in future, too. I have a hunch it’s going to attract more than its fair share of cybersquatters and will probably do quite well out of defensive registration fees.

Spammy .loan makes Alibaba fastest-growing and fastest-shrinking registrar in June

Kevin Murphy, October 5, 2018, Domain Registrars

Chinese registrar Alibaba was both the fastest-growing and fastest-shrinking registrar in June, purely due to its dalliance with hundreds of thousands of cheap .loan domain names.
Stats compiled by DI from the latest monthly registry reports show that Alibaba’s Singapore-based registrar — which has only been active for a year — grew its domains under management by 720,669 in June, almost four times as many as second-placed NameCheap.
The huge increase was due to Alibaba’s DUM in .loan doubling in June, going from 621,851 to 1,274,532. Another 50,000 extra domains came from .win.
Both .loan and .win are run by registry GRS Domains, the company that replaced Famous Four Media as manager of the Domain Venture Partners gTLD portfolio.
According to SpamHaus, .loan has a “badness” of just shy of 90%, based on a sample size of 45,000 observed domains. SpamHaus has .win at almost 39% bad.
GRS has promised to turn its portfolio around and cut off its deep-discounting promotions effective August 20. The June figures reflect a time when discounts were still in place.
The Singapore Alibaba had DUM of 1,771,730 at the end of June.
At the bottom end of the June league table was a second Alibaba accreditation, Beijing-based Alibaba Cloud Computing (aka HiChina or net.cn), which had a net DUM loss of 266,411, after seeing 345,268 deletes in .loan (along with 45,000 deletes in .xyz and 35,000 in .xin).
The second biggest loser was AlpNames, which is owned by the same people as Famous Four, which deleted over 114,000 names in the month. The vast majority of these names were in FFM/GRS gTLDs, including .loan.
The main, earliest Alibaba accreditation, Alibaba Cloud Computing (Beijing), which has zero exposure to new gTLDs, grew by 69,794 domains to end June as the seventh fastest-growing registrar with DUM of 7,672,594.
As of a couple weeks ago, Alibaba has a fourth ICANN accreditation, Alibaba Cloud US LLC, but that obviously does not figure into the June numbers.
Here’s the top 10 registrars for June by DUM growth:
[table id=52 /]
And the bottom 10:
[table id=53 /]
You may notice that in both tables the net change column is not equal to the sum of adds and net transfers minus deletes. This is because, per ICANN contract, domains still in their five-day Add Grace Period are counted in DUM but not in adds, so many adds slip over into the following month.

ICANN heads to Mar-a-Lago for budget crisis talks

Kevin Murphy, April 1, 2018, Gossip

Cash-strapped ICANN has invited select community members to emergency budget talks at the Mar-a-Lago resort in Florida, DI has learned.
The three-day summit next week will address how best to spend the organization’s $138 million annual budget, along with its $236 million auction proceeds war chest and its $80 million of leftover new gTLD application fees.
“Recent public comments have made it clear that many valued ICANN community members have misunderstood our FY19 budget,” CEO Goran Marby said. “I believe a long weekend of intensive discussions at Mar-a-Lago should persuade the community that we’re actually on the right track.”
To encourage participation from an increasingly weary volunteer pool, attendees will be treated to complimentary spa treatments, golfing, and the most beautiful pieces of chocolate cake, he said.
DI has managed to obtain a preliminary agenda for the summit, which can be read here (pdf).
Business-class flights and three nights’ accommodation at the exclusive members club will be covered by ICANN.
Mar-a-Lago, purchased by Donald Trump in the 1980s, is a “six-star” resort in Palm Beach, Florida. It was originally a five-star hotel, until 2004 when Trump purchased the one-star hotel next door and knocked through.
Marby defended the choice of venue, pointing out that the guest list is to be strictly limited to the ICANN board of directors, industry CEOs, and members of the Intellectual Property Constituency.
DI understands that the IPC will be permitted to invite members of the Non-Commercial Stakeholder Group to attend, should they require golf caddies.
To ensure gender diversity, all attendees will be able to bring along their spouses or partners. ICANN will make up any shortfall by hiring decorative females from a pool of Trump litigants.
A small support team of 50 ICANN staffers will also be available to hand out fresh towels, collect empty glasses, and so on.
Remote participation will be available via AOL Instant Messenger.
Chief financial officer Xavier Calvez declined to disclose the cost of the summit, citing privacy concerns caused by “GDPR or something”, but DI understands it is to be accounted for as a line item in ICANN’s Federal lobbying disclosure.
Calvez said ICANN has managed to negotiate “substantial” bulk discounts on the usual $200,000 Mar-a-Lago membership fees and $2,000-a-night room rates.
The cost will also be offset by sponsorship contributions from ICANNwiki and the National Rifle Association, he said.
Registry and registrar CEOs polled by DI this weekend were split on whether they would attend.
“Of course I’m going,” Blacknight CEO Michele Neylon told us by phone from an airport lounge in Kigali.
But .xyz chief Daniel Negari said he would attend only if he can secure sufficient funding for his bus fare to the airport.
Among the cost-cutting proposals on the menu, DI understands, is a request to consolidate all current and future policy working groups into a single, unified WG.
Sources say this would have the added benefit of reducing the annual policy implementation budget to zero dollars between now and, at the earliest, 2045.

Cybersquatting cases up because of .com

Kevin Murphy, March 23, 2018, Domain Services

The World Intellectual Property Organization handled cybersquatting cases covering almost a thousand extra domain names in 2017 over the previous year, but almost all of the growth came from complaints about .com names, according to the latest WIPO stats.
There were 3,074 UDRP cases filed with WIPO in 2017, up about 1.2% from the 3,036 cases heard in 2016, WIPO said in its annual roundup last week.
That’s slower growth than 2016, which saw a 10% increase in cases over the previous year.
But the number of domains complained about in UDRP was up more sharply — 6,370 domains versus 5,374 in 2016.
WIPO said that 12% of its 2017 cases covered domains registered in new gTLDs, down from 16% in 2016.
If you drill into its numbers, you see that 3,997 .com domains were complained about in 2017, up by 862 domains or 27% from the 3,135 seen in 2016.
.com accounted for 66% of UDRP’d domains in 2016 and 70% in 2017. The top four domains in WIPO’s table are all legacy gTLDs.
As usual when looking at stats for basically anything in the domain business in the last few years, the tumescent rise and meteoric fall of .xyz and .top have a lot to say about the numbers.
In 2016, they accounted for 321 and 153 of WIPO’s UDRP domains respectively, but they were down to 66 and 24 domains in 2017.
Instead, three Radix TLDs — .store, .site and .online — took the honors as the most complained-about new gTLDs, with 98, 79, and 74 domains respectively. Each of those three TLDs saw dozens more complained-about domains in 2017 than in 2016.
As usual, interpreting WIPO’s annual numbers requires caution for a number of reasons, among them: WIPO is not the only dispute resolution provider to handle UDRP cases, rises and falls in UDRP filings do not necessarily equate to rises and falls in cybersquatting, and comparisons between .com and new gTLDs do not take into account that new gTLDs also have the URS as an alternative dispute mechanism.

CentralNic and KeyDrive in merger talks

Kevin Murphy, March 14, 2018, Domain Registries

CentralNic and KeyDrive, two major European domain firms, are in merger talks, CentralNic confirmed this morning.
CentralNic said that the transaction, should it close, would be a “reverse takeover” of itself by KeyDrive.
That’s where a private company, in this case KeyDrive, reverses into a public one, in this case AIM-listed CentralNic.
Luxembourg-based KeyDrive is the holding company for brands including the registrars Key-Systems, Moniker and BrandShelter and the registries OpenRegistry and KSRegistry.
London-based CentralNic is a registry provider for the likes of .xyz, recent acquirer of Slovakian TLD .sk, and owner of registrars Internet.bs and Instra.
CentralNic said: “CentralNic and KeyDrive Group believe that the combination of the two businesses would have strong strategic logic and economies of scale, and would represent an opportunity to create a group with advanced technology platforms delivering significant recurring revenues for every major customer type within the industry.”
If a deal should be struck, it would happen in the second quarter, the company said.
The announcement was made today after news of the talks leaked.
Trading in CentralNic shares has been temporarily suspended.