Recent Posts
- Americans and ICANNers avoid Kigali in droves
- RDRS stats improve a little in June
- Unstoppable Domains goes down after domain hijack
- Four more gTLDs in emergency measures
- New gTLDs and ccTLDs drive domain universe growth
- Eight interesting recent dot-brand registrations
- .me premium sales down
- Pride fails to reverse gay domains decline
- Unstoppable announces another new gTLD bid
- Blockchain naming firm gets ICANN accreditation
- ICANN takes over gTLD after Whois failures
- Verisign: would-be .com contract killers are “wrong”
- Five gTLDs at risk as registry goes AWOL
- Groups make flawed case that .com is a cartel
- RDRS usage hits all-time low
- A dot-brand so unloved they killed it twice
- PorkBun hits two million domain milestone
- Crawford returns to industry to head up Com Laude
- ICANN financial data dump a damp squib?
- Unstoppable plotting manga-themed gTLDs
- Governments call for new gTLD auctions ban
- ICANN names new CEO, and it isn’t Costerton
- ICANN: We will NOT police content
- More sticker shock as new gTLD fees could top $300,000
- ICANN slashes staff and domain prices could rise
- Secret new gTLD application revealed
- WhatsApp now linkifying new gTLDs, but…
- Outrage over ICANN’s new gTLD fees
- Barrett gets second term on ICANN board
- DotMusic delays gTLD launch again
- .tm prices to skyrocket next week
- Bitcoin gTLD gets launch dates
- First metaverse gTLD is announced
- Alibaba off the naughty step
- ICANN to kill auction fund bylaws change
- The people have spoken on RDRS and they said “Meh”
- ICANN restarts work on controversial Whois privacy rules
- GNSO mulls lawyering up over auction fund dispute
- Jury still out on ICANN’s content policing powers
- It now takes TWO WEEKS to get a Whois record with RDRS
- Travel expenses push ICANN into the red again
- ICANN preparing for ONE HUNDRED registry back-ends
- DNS Abuse Institute changes name
- A new way to game the new gTLD program
- .home, .mail and .corp could get unbanned
- Unstoppable to apply for Women in Tech gTLD
- Bob Parsons publishes autobiography
- GoDaddy getting a free pass from porn jail?
- Correction: Sinha’s seat is safe
- Chinese domains plummet again in 2023
- GoDaddy price increases lead to revenue growth
- D3 announces seventh blockchain gTLD client
- Taylor Swift applies for her .post domain
- .ad domains to go global soon
- Single-letter .com case back in court
- ICANN to slash costs as Verisign’s magic money tree dries up
- Community revolts over ICANN’s auction proceeds power grab
- Two seats up for grabs on Nominet board
- War takes steep toll on .ua domains
- .de worst TLD for CSAM — report
- .com still shrinking because of China
- ICANN publishes its Woke Manifesto. Here’s my hot take
- Alibaba, Name.com among new RDRS opt-ins
- .my domains to be sold globally next month
- The Swiss can register .swiss domains from next week
- .ai up to 425,000 domains
- A million “free” .music domains up for grabs
- D3 to get $5 million in crypto to apply for .ape gTLD
- Alibaba hit with ICANN breach notice
- New Vegas conference “Davos for Web3 interoperability”
- ICANN content policing power grab may be dead
- Cable company unplugs its dot-brand after acquisition
- Germany crosses 10,000 dot-brand domains milestone
- Founders out as Com Laude gets equity injection
- PIR’s Diaz to leave domain industry
- Some registrars have already quit ICANN’s Whois experiment
- ICANN opens $217 million Grant Program
- Internet could get one-letter gTLDs (but there’s a catch)
- .ai registry fights deadbeats with tweaked auction rules
- Amazon and Google among .internal TLD ban backers
- .ai registry advises buyers not to use GoDaddy
- .post liberalizes with new sunrise period
- Team Internet spends $41 million on content farm
- Epik backtracks on Kiwi Farms claim after legal threat
- .austin names launch on blockchain
- Freenom shuts down 12.6 million domains — report
- GoDaddy’s next .xxx contract may not be a done deal
- GlobalBlock blocking 2.5 million domains
- Microsoft moving its cloud apps from .com to .microsoft
- ICANN 79: anonymous trolls and undercover lawyers
- ICANN scores win in single-letter .com lawsuit
- Cosmetics brand terminates its gTLD
- Up to 70 jobs on the line at Nominet as .uk regs dwindle
- Governments back down on new gTLD next round delay
- Private auctions could be banned in new gTLD next round
- ICANN meeting venue “insensitive and hurtful”
- GoDaddy to start selling graphic.design domains
- GAC spinning up new gTLD curveball at ICANN 79?
- GoDaddy’s GlobalBlock supports blockchain names
- Police .uk domain takedowns dive in 2023
- GoDaddy wants to cut the bullshit from .xxx
- Dueling domain blocking services to launch at ICANN 79
- Freename tries to bridge DNS and blockchain
- Olive retires from ICANN
- Whois policy published without life-saving disclosure rule
- UK gov takes its lead from ICANN on DNS abuse
- Tucows reports 2023 results
- Twitter “completely unresponsive” on clickable domains
- ICANN spends $5 million more than planned in first fiscal half
- .art takes a million domains off its premium list
- KeyTrap ‘the most devastating vulnerability ever found in DNSSEC’
- Freenom settles $500 million Meta lawsuit and will exit domain business
- New gTLD lottery to return in 2026
- First GlobalBlock prices revealed — they ain’t cheap
- Domain universe grows on new gTLDs despite .com shrinkage
- D3 signs up crypto gTLD client number five
- GoDaddy reports strong domains growth
- How to qualify for a $40,000 gTLD
- Registry service provider evaluation handbook published
- WebUnited inks deal to “mirror” country’s TLD in the blockchain
- GoDaddy project unveils brand-blocking calculator
- Report: Monster “misappropriated” millions from Epik
- .com is shrinking but Verisign raises prices again anyway
- D3 announces fourth crypto new gTLD client
- Donald Trump loses second UDRP case
Registrar linked to defunct social network terminated
ICANN has terminated a registrar for not paying its fees and other infractions.
ICANN Compliance, in a termination notice effective August 10, said that US-based, Indian-operated Nimzo 98 had failed to provide a Whois service and escrow its registration data.
These secondary breaches seem to be side effects of the fact that the company is no longer operating. It’s been ghosting Compliance since December, according to the notice.
Nimzo, as I blogged in May, seems to have been the in-house registrar of a short-lived social network project name Houm, which offered users a domain name as part of the service bundle.
It peaked at about 21,000 names before it abruptly deleted them all, last October, registry transaction reports show.
At the last count, this March, it had just 270 names under management. ICANN will trigger its De-Accredited Registrar Transition Procedure to move whatever remains today into safer hands.
Epik is off the ICANN naughty step
Epik is no longer in breach of its ICANN registrar accreditation agreement, but it remains to be seen whether its anonymous new owners can take over the contract, ICANN has said.
The registrar has paid its past-due fees, explained why it delayed its customers’ renewal requests and promised to put in place measures to ensure this kind of thing doesn’t happen again, ICANN Compliance chief Jamie Hedlund blogged.
This means Epik has dodged a contract suspension and gets to continue with business as usual, for now, albeit with many distrustful customers.
Hedlund wrote that ICANN is now reviewing Epik’s request to transfer its accreditation from Epik Inc to new entity Epik LLC, whose owners have yet to reveal their identities.
ICANN has to do due diligence on the buyer before approving the transfer, but Hedlund said this case is “complex” and is expected to take “several months”.
The LLC bought the old registrar for almost $5 million last month after a tortuous few months for customers claiming to be owed hundreds of thousands of dollars.
Some have speculated that the LLC is a front for Epik founder and former CEO Rob Monster, the person arguably most responsible for Epik’s woes over the last 12 months, but court documents published as part of a customer lawsuit include emails from Monster that suggest he was not involved.
New gTLD registry gets second ICANN breach notice
A new gTLD registry has become the second to receive a second ICANN breach notice from ICANN.
Asia Green IT System, based in Turkey, hasn’t been paying its fees on four of its TLDs, ICANN says in its notice, and isn’t displaying Whois data in the required format.
The gTLDs concerned are .nowruz (Iranian New Year), .pars (refers to Persia/Iran), .shia (a branch of Islam), and .همراه (.xn--mgbt3dhd, appears to mean something like “comrade” in Persian).
ICANN has given the company until July 5 to pay up or risk having its contracts terminated.
No domains would be at risk if that were to happen — none of the four TLDs has launched. Each has a single domain in its zone file, despite being in the root for several years.
Asia Green was hit with a similar notice in 2019, which it ultimately resolved.
Mystery buyer rescues Epik at end of crazy week
Limping registrar Epik isn’t out of the woods yet by a long shot, but its life became considerably easier late last week when a mystery buyer snapped up its assets for almost $5 million, enabling it to pay off many of its creditors.
The company said on Twitter that it had closed a deal that allowed it to pay off ICANN, which had filed a public breach notice just two days earlier, as well as various registries and loan providers.
It also allowed it to pay off Matthew Adkisson, the customer who was owed over $300,000 following a botched secondary market domain deal last year, who has now dropped his fraud and racketeering lawsuit.
Adkisson appears to have come away poorer, however, as the payoff seems to have only covered the money owed and not the probably substantial legal fees he has incurred since then.
The events of last week were pretty wild, including claims about literal assassination attempts, judging by court documents from Adkisson’s case.
Epik had told his lawyers that an “asset purchase agreement” for the Epik registrar was imminent, which would allow the company to settle its debts.
Disappointed with the offer, Adkisson filed for a temporary restraining order to prevent the sale, believing the money would wind up being squirreled away by the registrar’s current or former management.
That TRO disappeared when he withdrew his complaint and got paid at the weekend. ICANN, Identity Digital and Verisign all appear to have been paid at the same time, along with creditors called TVT and JJE.
The ICANN breach notice provides some poor optics for ICANN, which now looks like it only initiated Compliance proceedings in March, when its own registrar fees went unpaid, despite being aware of the many customer complaints against Epik.
However, now that the Compliance process has started, getting paid may not be enough to end it. The breach notice also refers to “several hundred” domains that were affected by Epik’s cash flow problems — it seems the company was unable to renew or transfer domains while in was in hock to the registries.
Adkisson’s docket contains several sworn declarations from customers saying they have lost important domains to others or been forced to spend thousands of dollars to move their domains elsewhere lest risk losing them.
While Epik cannot provide satisfactory answers to ICANN’s questions about these domains, its accreditation is still at risk.
Complicating matters, the new buyer will need to have the old registrar accreditation transferred to it, a process that takes time and subjects the registrar to a certain amount of ICANN scrutiny.
And the identity of the buyer is pretty mysterious.
On paper, the buyer is Epik LLC, a Wyoming corporation that formed about a week before the deal was finalized. Former Epik CEO Rob Monster has had to agree to change the names of operating company Epik Inc and parent Epik Holdings Inc to remove the “Epik” brand.
But the new LLC was created by a company called Registered Agents Inc, and the acquisition deal signed by its president, Jon Spear.
Registered Agents is a company that enables people to set up shell companies pretty much anonymously, and is often used by “[o]ligarchs, criminals and online scammers”, according to the Washington Post.
This is exactly the kind of association Epik does not need right now.
Making the new owners look even worse, an anonymous individual claiming to be a representative of the new Epik introduced himself or herself on the domainers forum Namepros at the weekend in probably the dumbest way imaginable if the company wants to claw back any credibility at all among what was once a core customer base.
The post does contain an apology to those “financially hurt” by Epik’s actions, and a commitment to “make things right for as many people as possible”, but it also contains several sideswipes at Namepros users, many of them victims of Epik’s mismanagement, calling their commentary “worthless”. It looks like the work of a troll.
In short, Epik still has a hell of a tough time ahead of it if it wants to shake off its bad reputation.
But before this article ends, I promised you some stuff about assassination attempts.
The material disclosed in the Adkisson case includes what appears to be a dense, multi-layered, rambling, paranoid conspiracy theory from Rob Monster, which draws in everyone from disgraced shock jock Alex Jones to Domain Name Wire editor Andrew Allemann (who hilariously Monster accuses of writing “hit pieces” about him).
I have to confess to being slightly disappointed that I didn’t get a shout-out.
He accuses people I’m not going to name here as secretly convening in late 2021 to discuss removing Monster from Epik by any means possible, with “lethal options” possibly on the table. He goes on to say:
For the record, I do have reason to believe that there have been attempts on my life including recently. This was the main reason why I stayed in Asia from January 20 through April 4 and maintained a heightened degree of privacy. I am in excellent health and not suicidal.
Monster, who I believe UK defamation law allows me to describe as “a bit of a character”, is known to frequently indulge in conspiracy theories, particularly with regards mass shootings (which feature in the theory outlined in his email to Adkisson’s lawyers).
Another registrar seemingly vanishes
An accredited registrar appears to have gone bust after its parent company failed.
ICANN has sent a breach notice to Nimzo 98, which while registered as an LLC in the US appears to be Indian-operated, saying the company has not paid its fees and the Compliance folk haven’t been able to reach management since December.
The notice also complains that the company isn’t providing a Whois service as required, which may be a polite way of saying that the entire web site is down — it’s not resolving properly for me.
Digging into the data a little, it seems Nimzo was the in-house registrar of a company called Houm that, according to its press releases, was operating some kind of privacy-oriented social network slash cloud storage service.
Part of Houm’s offering was a personal domain name, which came bundled as part of the monthly service fee.
When Houm seriously started promoting its service last year, it appears to have led to a spike in registrations via Nimzo. Most of its domains were concentrated in new gTLDs such as .live, .xyz, .earth, .world and .space.
Having consistently registered no more than a couple hundred gTLD names per month for years, there was a sudden spike to over 5,000 in July and 12,000 in August, peaking Nimzo’s total domains at 21,000 that month.
But then, in October, the registrar deleted almost all of its names. It went from 21,000 domains under management in August to 190 at the end of October. These were not grace-period deletes, so fees would have been applicable.
Houm’s web site at houm.me also appears inoperable today, showing a server error when I access it, and its Twitter account has been silent since last August.
ICANN has given Nimzo until May 22 to pay up or lose its accrediation.
Registrars CAN charge for Whois, ICANN grudgingly admits
ICANN is powerless to prevent registrars from charging for access to non-public Whois data, the Org has reluctantly admitted.
In a recent advisory, ICANN said it is “concerned” that registrars including Tucows have been charging fees to process requests for data that would otherwise be redacted in the free public Whois.
But it said there’s nothing in the Registrar Accreditation Agreement, specifically the Temporary Specification governing Whois in the post-GDPR world, that bans such services:
While the RAA explicitly requires access to public registration data directory services to be provided free of charge, the Temporary Specification does not specifically address the issue of whether or not a registrar may charge a fee for considering requests for access to redacted registration data.
So basic Whois results, with all the juicy info redacted, has to be free, but registrars can bill organizations who ask for the veil to be lifted. ICANN wrote:
ICANN org is concerned that registrars’ imposition of fees for consideration of requests for access to nonpublic gTLD registration data may pose an access barrier. Access to registration data serves the public interest and contributes to the security and stability of the Internet
The advisory calls out Tucows’ Tiered Access Compliance and Operations system, TACO, as the primary example of a registrar charging for data, but notes that others are too.
Not long after the advisory was published, Tucows posted an article in which it explained that the fees are necessary to cover the cost of the “thousands” of automated requests it has received in the last four years.
Charging fees for compliance with other forms of legal process is not uncommon in the industry, and the vast majority of requests for registration data (approximately 90%) continue to come from commercial litigation interests and relate to suspected intellectual property infringement.
Facebook, now Meta, was at first, and may still well be, a frequent bulk filer.
Tucows said that it “frequently” waives its fees upon request for “single-use requestors and private parties”.
Is ICANN toothless in the face of DNS abuse?
Concerns have been raised that ICANN may lack the tools to tackle DNS abuse using its contracts with registries and registrars.
The new report from the GNSO’s “small team” on abuse has highlighted two “gaps” in the current Compliance regime that may be allowing registrars to get away with turning a blind eye to abusive customers.
The current version of the standard Registrar Accreditation Agreement calls for registrars to maintain an abuse contact email and to “take reasonable and prompt steps to investigate and respond appropriately to any reports of abuse.”
The problem, the small team report finds, is that ICANN Compliance doesn’t seem to have a standard definition of “reasonable”, “prompt”, and “appropriately”. The contract doesn’t require any specific remediations from the registrar.
“Members of the small team are concerned that this interpretation may allow DNS abuse to remain unmitigated, depending upon the registrar’s specific domain name use and abuse policies,” the report states.
Judging by conversations at ICANN 75 last month, it’s apparently the first time Compliance has gone on the record about how it enforces this part of the contract.
It’s quite rare for ICANN to issue a public breach notice to a registrar over its failure to respond to abuse reports and when it does, it tends to relate to the registrar’s failure to keep records showing how it responded.
I can’t find any instances where Compliance has canned a registrar for allowing abusive domains — typically defined as those hosting malware, phishing, botnets, pharming and some spam — to remain active after an abuse report.
The small team’s report also thinks there’s a blind spot in ICANN’s standard Registry Agreement, which in turn requires registries to include, in their Registry-Registrar Agreements, provisions requiring anti-abuse terms in the registrars’ Registration Agreements.
This complex chain of contractual provisions doesn’t seem to be enforced, the small team notes, saying “further consideration may need to be given to what Registries are doing to ensure the text is indeed included in the Registration Agreement (ie Registries enforcing their own Registry-Registrar Agreements”.
The small team recommends that contracted parties talk further with ICANN about possible contract changes or best practices documents before going ahead with policy-making. The GNSO Council will address the recommendations later this month.
ICANN terminates these three deadbeat registrars
Registrars based in the US, Philippines and Bangladesh have lost their ICANN accreditations for non-payment of fees.
ICANN recently sent termination notices to Domainia, HOAPI, and Innovadeus, which the Org says have breached their contracts by not paying and in some cases failing to provide required information and services on their web sites.
It appears all three companies are no longer operational. Domainia’s domain resolves to a GoDaddy sales lander, HOAPI’s is NX’d, and Innovadeus’s site is riddled with WordPress errors.
Innovadeus and HOAPDI were first deemed “past due” on their fees in November 2020, according to ICANN. For Domainia, it was September 2020.
Fortunately, it seems few to no registrants will be affected by the terminations. HOAPI had one gTLD domain under management, its own. Domainia had none, and Innovadeus had a few hundred, which will be transferred to another registrar.
Russian registry hit with second breach notice after downtime
ICANN has issued another breach notice against the registry for .gdn, which seems to be suffering technical problems and isn’t up-to-date on its bills.
Navigation-Information Systems seems to have experienced about 36 hours of Whois/RDDS downtime starting from April 22, and is past due with its quarterly ICANN fees, according to the notice.
Contractually, if ICANN’s probes detect downtime of Whois more than 24 hours per week, that’s enough to trigger emergency measures, allowing ICANN to migrate the TLD to an Emergency Back-End Registry Operator.
Today, the registry’s web site hasn’t resolved for me in several hours, timing out instead, suggesting serious technical problems. Other non-registry .gdn web sites seem to work just fine.
NIS seems to be a Russian company — although most ICANN records give addresses in Dubai and Toronto — so it might be tempting to speculate that its troubles might be a result of some kind of cyber-war related to the Ukraine invasion.
But it’s not the first time this has happened by a long shot.
The company experienced a pretty much identical problem twice a year earlier, and it seems to have happened in 2018 and 2019 also.
NIS just can’t seem to keep its Whois up.
According to the breach notice, whenever Compliance manages to reach the registry’s 24/7 emergency contact they’re told he/she can’t help.
ICANN has given the registry until May 29 to fix its systems and pay up, or risk termination.
.gdn was originally applied for as something related to satellites, but it launched as an open generic that attracted over 300,000 registrations, mostly via disgraced registrar AlpNames, earning it a leading position in spam blocklists. Today, it has around 11,000 names under management, mostly via a Dubai registrar that seems to deal purely in .gdn names.
Two countries could lose registrar competition after breach notices
ICANN has issued breach-of-contract notices to two small registrars, potentially reducing the number of accredited registrars in two countries to just one.
It’s sent notices to Tecnologia, Desarrollo Y Mercado S de RL de CV, one of two accredited registrars based in Honduras, and to Innovadeus, one of only two in Bangladesh.
In the former case, ICANN claims TDM has failed to respond to abuse reports and has been generally sluggish and reluctant to cooperate with Compliance requests.
In the case of Innovadeus, it claims the registrar — which records show has lost almost all of its domains under management in the last couple of years — has failed to pay its accreditation fees.
TDM has been told to shape up by May 27. Innovadeus has been given until May 26 to pay up. Failure in either case could mean termination.
Recent Comments