Latest news of the domain name industry

Recent Posts

Dynadot takes down its own web site after apparent breach

Dynadot took the drastic move of turning off its own web site last week after noticing an apparent security breach.

The registrar also reset all of its customers’ passwords, acknowledging the pair of moves were “extremely inconvenient”.

It’s not clear from the company’s statement whether there really had been an attack or whether it overreacted

It said “our system noticed irregular activity” but later brought its site back up after staff “investigated and determined there was not a threat”.

The company said it has engaged “cyber security experts” to help it out in future.

Russian registry hit with second breach notice after downtime

ICANN has issued another breach notice against the registry for .gdn, which seems to be suffering technical problems and isn’t up-to-date on its bills.

Navigation-Information Systems seems to have experienced about 36 hours of Whois/RDDS downtime starting from April 22, and is past due with its quarterly ICANN fees, according to the notice.

Contractually, if ICANN’s probes detect downtime of Whois more than 24 hours per week, that’s enough to trigger emergency measures, allowing ICANN to migrate the TLD to an Emergency Back-End Registry Operator.

Today, the registry’s web site hasn’t resolved for me in several hours, timing out instead, suggesting serious technical problems. Other non-registry .gdn web sites seem to work just fine.

NIS seems to be a Russian company — although most ICANN records give addresses in Dubai and Toronto — so it might be tempting to speculate that its troubles might be a result of some kind of cyber-war related to the Ukraine invasion.

But it’s not the first time this has happened by a long shot.

The company experienced a pretty much identical problem twice a year earlier, and it seems to have happened in 2018 and 2019 also.

NIS just can’t seem to keep its Whois up.

According to the breach notice, whenever Compliance manages to reach the registry’s 24/7 emergency contact they’re told he/she can’t help.

ICANN has given the registry until May 29 to fix its systems and pay up, or risk termination.

.gdn was originally applied for as something related to satellites, but it launched as an open generic that attracted over 300,000 registrations, mostly via disgraced registrar AlpNames, earning it a leading position in spam blocklists. Today, it has around 11,000 names under management, mostly via a Dubai registrar that seems to deal purely in .gdn names.

Two countries could lose registrar competition after breach notices

ICANN has issued breach-of-contract notices to two small registrars, potentially reducing the number of accredited registrars in two countries to just one.

It’s sent notices to Tecnologia, Desarrollo Y Mercado S de RL de CV, one of two accredited registrars based in Honduras, and to Innovadeus, one of only two in Bangladesh.

In the former case, ICANN claims TDM has failed to respond to abuse reports and has been generally sluggish and reluctant to cooperate with Compliance requests.

In the case of Innovadeus, it claims the registrar — which records show has lost almost all of its domains under management in the last couple of years — has failed to pay its accreditation fees.

TDM has been told to shape up by May 27. Innovadeus has been given until May 26 to pay up. Failure in either case could mean termination.

Registrar hit with second porn UDRP breach notice this year

Kevin Murphy, February 21, 2022, Domain Registrars

A Chinese registrar group has been accused by ICANN of shirking its UDRP obligations for the second time this year.

ICANN has put Hong Kong-based DomainName Highway on notice that is in breach of its contract for failing to transfer the domain 1ockheedmartin.com to defense contractor Lockheed Martin.

The domain is a straightforward case of typosquatting, with the initial L replaced with a numeral 1. At time of writing, it still resolves to a page of pornographic thumbnail links, despite being lost in a UDRP case January 4.

Under UDRP rules, registrars have 10 days to transfer a UDRP-losing domain to the trademark owner, unless a lawsuit prevents it.

The circumstances are very similar to a breach notice ICANN issued against ThreadAgent.com over a case of BMW’s brand being cybersquatted with porn last month.

Both ThreadAgent and DomainName Highway appear to be part of the XZ.com, aka Xiamen DianMedia Network Technology Co, which is based in China but has about 20 accredited registrars based in Hong Kong.

DomainName Highway has about 30,000 gTLD domains under management.

Alice’s Registry disappears down the rabbit hole

Kevin Murphy, October 13, 2021, Domain Registrars

One of the oldest domain registrars appears to be on its way out.

San Francisco-based Alice’s Registry has been hit with a breach notice and termination warning by ICANN after apparently being incommunicado for over a year.

According to ICANN, they last spoke in August 2020, when AR indicated that it was thinking about “shutting down the registrar business”.

Since then, the web site has stopped working and ICANN can’t get through on the telephone.

The breach notice claims past-due fees and a failure to operate a working Whois service, and gives the registrar until November 1 to pay up or get its contract terminated.

Alice’s Registry is one of the oldest registrars, founded in 1999, but it’s never had more than a few thousand names under management. Its founder, Rick Wesson, has been involved in the ICANN community since pretty much the beginning.

Formerly massive drop-catcher faces ICANN probe

Kevin Murphy, April 26, 2021, Domain Registrars

Pheenix, which used to operate a network of hundreds of accredited registrars, now faces potentially losing its last remaining accreditation, due to an ICANN probe.

ICANN told the US-based company in a breach notice last week that it faces additional action unless it fixes a bunch of problems related to domain transfers and Whois before May 14.

According to ICANN, for over a year Pheenix has been declining to provide data showing it is in compliance with the Expired Registration Recovery Policy and the Transfer Policy, related to dozens of domains.

Pheenix was told about at least one such disputed domain as far back as February last year, but ICANN says it’s been unresponsive to its outreach.

It’s also failed to implement an RDAP server, which ICANN has been nagging it about since October 2019. RDAP, the Registration Data Access Protocol, is the successor protocol to Whois.

A quick spot-check reveals that the disputed names are traffic domains once belonging to legitimate organizations, usually with inbound Wikipedia links, that were captured after the organization in question folded and its domains expired. Most were repurposed with low-quality content and advertising.

That fits in with Pheenix’s registrar business model. It was until a few years ago a huge drop-catching player, with over 500 shell accreditations it used to gain speedy access to dropping domains.

But it dumped almost 450 of these in November 2017, and another 50 the following April.

Since then, Pheenix’s primary IANA number (the coveted “888”) has been associated with fewer and fewer domains.

It had 6,930 domains under management at the end of 2020, down from a November 2017 peak of 71,592.

It hasn’t recorded any new domain adds in any gTLDs since April 2020.

According ICANN’s chronology of events, it’s sent dozens of emails, faxes and voicemails over the last year, related to multiple domain names, and it’s only received a single email in response. And that was in May 2020.

ICANN finally cans Net 4 India

iCANN has terminated Net 4 India’s registrar accreditation, after many months of criticism and foot-dragging and a recent sharp uptick in customer complaints.

The move comes after an unprecedented four concurrent public breach notices over 20 months, almost four years after the company entered insolvency proceedings — grounds for termination which ICANN became aware of almost two years ago.

ICANN has received over 2,600 customer complaints over the last year, and almost 1,000 of these were submitted in February alone, according to the organization.

“The termination of the RAA is due to Net 4 India’s repeated and consistent breaches of the RAA and failure to cure such breaches despite multiple notices from ICANN and opportunity to cure,” ICANN said in its ginormous 59-page execution warrant (pdf).

Among the charges ICANN levels at Net4 is its failure to operate a functioning Whois service, something it’s warned the company about 30 times since November.

This hindered ICANN’s ability to investigate the more serious charges — that Net4 transferred some of its customers’ domains to a different registrar, OpenProvider, without their knowledge or consent, in violation of ICANN transfer policies.

The registrar also failed to enable its customers to renew their expired domains or transfer them to other registrars, also in violation of binding policy, ICANN said.

ICANN said:

Currently, more than 400 cases remain unresolved; and hundreds of complaints are still under review, which, once vetted, will become more new cases. In addition, ICANN Contractual Compliance continues to receive more than 20 new complaints each day. And it is not known how many more complaints are pending with Net 4 India that have not yet been brought to ICANN’s attention.

The termination notice contains 10 pages of complaints from Net4 customers, saying their domains could not be renewed or transferred. Some came from non-profits and hospitals. One registrant said he was contemplating suicide.

Net4’s customer service was non-responsive in each of these cases, the complainants said.

While some of Net4’s problems could be chalked down to coronavirus-related restrictions, the company has been in trouble for much longer.

It entered insolvency proceedings in 2017 after a debt recovery company called Edelweiss bought roughly $28 million of unpaid debt from the State Bank of India and took Net4 to court.

ICANN did not find out about this until April 2019 — it’s probably not a coincidence that this was the same month Net4 was late paying its first ICANN invoice — and it issued its first public breach notice in June that year.

Insolvency is grounds for termination in itself under the Registrar Accreditation Agreement.

It’s never been clearly stated why ICANN did not escalate at that time. Had it done so, it could have saved Net4’s customers from a world of hurt.

The Indian insolvency court admitted last month that it had no jurisdiction over ICANN or the Registrar Accreditation Agreement, both of which are governed primarily by California law.

Nevertheless, the court asked ICANN to not terminate Net4’s contract until after April 25, to give the company time to get its house in order.

But the termination notice, issued on Friday, will see the RAA cut off March 13. ICANN notes that it hasn’t heard from the court-appointed resolution professional, to whom previous breach notices were addressed, since mid-January.

Affected domains — there are still thousands under Net4’s accreditation — will be moved to another registrar under ICANN’s De-Accredited Registrar Transition Procedure.

Net4 could have a say in where its domains wind up. It’s already an OpenProvider reseller so that’s a possibility. Otherwise, ICANN will pick a beneficiary from a queue of qualified candidates.

Net 4 India gets unwelcome Christmas gift from ICANN

Kevin Murphy, January 4, 2021, Domain Registrars

Struggling Indian registrar Net 4 India has been hit by its third notice of contract breach by ICANN, in a letter delivered Christmas Eve.

Net4 is on ICANN’s naughty list this time due to its alleged violations of ICANN’s transfer and expired domains policies. The breach notice is very similar to that delivered just two weeks earlier, concerning different domains.

ICANN reckons Net4, once India’s largest independent registrar, has in some cases been transferring domains to a partner registrar, OpenProvider, without the consent or knowledge of the registrant.

It’s been asking the company for records proving compliance, which Net4 has apparently not been providing. Therein lies the alleged breach.

Net4 has been persona non grata among many of its customers for several months, with complaints about billing and renewal failures, expirations, and a general lack of customer service availability compounded by the coronavirus pandemic.

The company has also been fighting an insolvency proceeding over millions of dollars in allegedly unpaid debts for years, which has been the subject of an ICANN breach notice for about 18 months.

The Christmas Eve breach notice gives Net4 until January 14 to turn over the relevant records or possibly face termination.

But that might prove moot — the December 10 notice had a deadline of December 31, so the wheels may already be in motion.

ICANN throws the book at Net4 over dodgy transfer claims

Kevin Murphy, December 15, 2020, Domain Registrars

Struggling Indian registrar Net 4 India has been slammed with a massive breach notice by ICANN, following claims of domain transfers failing or happening without the consent of the registrant.

ICANN also accuses the company, which is or was India’s largest independent registrar, of trying to bullshit its compliance staff about whether expired domains had been renewed or not.

According to ICANN, Net4 is in breach of the Registrar Accreditation Agreement on four counts, three of which relate to domain ownership records.

ICANN says the company isn’t operating a Whois service on the web or port 43, has failed to escrow its registration data on two recent occasions, and has failed to hand over registrant information upon ICANN’s request.

It’s also past due with its fees, ICANN says.

ICANN’s been dealing with complaints about Net4 for months, after the company’s customer service system appeared to break down in the wake of the coronavirus pandemic. Hundreds of customers have said their domains were unrenewable and that they were unable to transfer to another registrar.

In the latest breach notice — the first published breach notice against any registrar since February — ICANN names almost 200 domain names that have allegedly been held hostage at Net4, despite the registrant’s efforts to transfer out.

ICANN wants proof that registrants were given transfer authorization codes and that their domains were unlocked.

In a smaller number of cases, ICANN wants proof that domains were transferred to Net4 partner Openprovider, for which it acts as a reseller, with the consent of the registrants.

It also claims that Net4 has more than once tried to prove that a registrant renewed their expired name by supplying the registry’s expiration date instead of its own, to blag its way out of accusations that registrants were unable to renew.

ICANN also accuses the registrar of dragging its feet to address complaints:

Over the past few months, the number of complaints ICANN Contractual Compliance has received from [registered name holders], and authorized representatives, asserting that Net 4 India is exhibiting a pattern of non-response to domain transfer and renewal requests has steadily increased. While addressing the relevant compliance cases, Net 4 India’s responses to ICANN Contractual Compliance have also regularly been untimely and incomplete.

Net4 is now in the unprecedented position of being subject to two different breach notices simultaneously.

ICANN actually issued a suspension notice in June 2019, after noticing that Net4 had been in insolvency proceedings for two years — a debt recovery agency is trying to recover $28 million in unpaid debts.

But that suspension deadline was paused after talks with the “resolution professional” handling the insolvency case, for reasons ICANN’s been rather quiet about, and it remains on pause to this date.

The newest breach notice has a December 31 deadline on it. Unless Net4 turns on its Whois and hands over the reams of requested data by then, ICANN could terminate its contract.

Assuming the insolvency court allows it to, presumably.

First deadbeat dot-brand ripped from the root

ICANN has terminated a dot-brand gTLD contract for non-payment of fees for the first time.

The unlucky recipient of the termination notice is aigo, a privately held Chinese consumer electronics manufacturer.

ICANN first hit the company with a breach of contract notice in March 2018, noting its non-payment and a litany of other infractions.

The two parties have been in mediation and arbitration ever since, but the arbitrator found aigo was in fact in breach in late May.

ICANN issued its termination notice June 25 and IANA yanked .aigo from the DNS root servers a couple of days later.

While aigo is not the first dot-brand registry to be hit with a non-payment breach notice, it is the first to have it escalated all the way to involuntary termination.

Also recently, .intel and .metlife — run by the chipmaker and insurance company respectively — both decided to voluntarily their dot-brand registry agreements.

The total number of voluntary terminations is now 78.