Recent Posts
- Is a .tree gTLD very cool or very silly?
- The internet just got its first new TLD since 2022
- Kid-friendly domains could be reborn
- Shrinking .us TLD is up for grabs
- Namecheap saw 116,000 phishing attacks last year
- .io safe for now as Trump puts Chagos deal on ice
- Amazon sells three gTLDs to Identity Digital
- .radio’s new owners might have a fight on their hands
- WIPO doubles the speed of UDRP cases
- Amazon joining GlobalBlock
- Unstoppable buys 10 new registrars
- ICANN cleaning house, cans four more registrars
- ICANN to throw millions more at cheapo gTLDs
- Introducing Stringtel, my new free new gTLD tool
- GlobalBlock signs the two best deals it will ever get
- Seven registrars get terminated
- GoDaddy launches DomainMaxxing to optimize your domains
- .latino gTLD to launch soon
- Amazon readies .pay gTLD
- Nominet reveals first DNS tech funding recipients
- ICANN hit with tinfoil-hat lawsuit
- .pn relaunches — you’ll never guess what they say it means
- Unstoppable focuses on proper domains, admits crypto was “craze”
- ICANN boss: no plans to scrap Oman meeting
- China domains dip in 2026
- ICANN maps out new gTLD timeline
- War disrupts ICANN 85
- Namecheap abandons fight for .org price caps
- Identity Digital acquires another gTLD
- Seven dead registrars on the out
- Sav.com owner takes over .radio gTLD
- .com zone tops 160 million domains
- ai.com, the most-expensive domain sale ever
- .ai hits seven figures, raises prices
- Typosquatter gets two years in jail
- Epstein low-balled registrants to get his exact-match domain
- Epstein bought “mother” domains for Fergie while serving time
- Two former ICANN directors want back in
- Former ICANN director could lose control of ccTLD
- UK launches “police.ai”, but does it own the domain?
- Team Internet still in talks to sell off domains unit
- NamesCon returning to Miami in November
- “Mad Dog” politician registers nazis.us, redirects to Trump admin site
- “Lowest Price Guaranteed!” $48 .com registrar canned
- No RDAP? No accreditation
- Fifth-largest gTLD not dead after all
- Half of registrar’s domains are abusive, ICANN says
- Burr joins PIR after leaving ICANN board
- Refunds galore as gTLD losers finally bow out
- .goo terminated as search engine closes down
- GoDaddy to offer domain blocking to people who don’t have trademarks
- Happy new year expected for domain industry, says ICANN
- Salesforce to apply for a dot-brand
- Team Internet looking to break up
- Noss to leave Tucows corner office
- Rubens Kühl has died
- Sinha angry with Chapman’s firing as ICANN vice chair
- Glitch redux: ICANN screws up new gTLD security again
- CentralNic claims second-largest TLD migration ever
- DNS issue at Amazon takes out major apps and sites
- .io sales almost double over three years
- Amazon delays book and fashion gTLDs
- Lindqvist shuffles the exec deck
- GoDaddy launches “ultra-premium” domain marketplace
- .mobi to get a new rival in .mobile
- Bye-bye .boomer! Blockchain players abandon new gTLD plans
- Decades-old US registrar gets a spanking
- love.you sold in apparent five-figure deal
- Bogus harassment complaints could get you an ICANN ban
- ICANN slaps open-mic ban on conflicted lawyers
- Final GTFO warning for 19 failed new gTLD bids
- Nominet opens $500,000 fund for open source projects
- Com Laude buys larger rival Markmonitor
- Epik took down Charlie Kirk doxing site
- Number of subsidized gTLD bidders far lower than thought
- Another registrar goes AWOL
- gTLD loses its second-largest registrar after breach
- Com Laude buys Fairwinds
- Unstoppable wants to be a registry back-end
- Sixteen new gTLD bids could face the firing squad
- Registry to release one-letter domains tomorrow
- New ICANN funding rules will cost smaller ccTLDs more
- .ai rival lines up gTLD bid
- Team Internet lays off 200
- Sixteen more orgs vie for cheap gTLDs, but…
- So who’s registering sunrise domains these days?
- Cloud gTLD gets launch dates
- Governments say new gTLD program “credibility” at stake
- NIXI planning doomed new gTLD bids
- AI experts replace Chapman on ICANN board
- RDRS may not be dead
- Single-letter .com lawsuit thrown out of court
- Golding challenges McCarthy for Nominet board seat
- Three applicants qualify for cheapo gTLDs
- Blockchain crisis looming for new gTLD next round
- Two more dot-brands leave Verisign for GoDaddy
- ICANN looking at new bulk reg rules
- Reseller loss hits Tucows’ DUM but not revenue
- GoDaddy counts cost of losing .co deal
- Wine producers worried about new gTLDs
- Goodyear tires of its dot-brand
- Team Internet loses Radix to Tucows
- ICANN’s “review of reviews” kicks off
- Huge registrars flee from RDRS
- Namecheap loses attempt to bring back .org price caps
- Registrar shamed for alleged crypto abuse neglect
- Poblete’s ICANN board seat safe
- .com off to strong start in Q3
- .my is growing like crazy
- ICANN settles $77 million sexual harassment suit
- Chinese domain spikiness ends in first half
- Registrars agree to higher ICANN fees
- ICANN to review reviews after review review request fails
- Got junk? June’s biggest gTLD growers do
- ICANN ditches Oman due to Middle-East conflicts
- ICANN’s mighty overlord flexes on transparency
- ICANN faces first pushback over DEI U-turn
- Loads of firms flunk out of next-round gTLD back-end program
- presidenttrump.xxx among thousands of dead .xxx domains suddenly springing to life
- One of the dumbest gTLDs just switched back-ends
- GoDaddy loses .co to Team Internet
- Governments erect bulk-reg barrier to new gTLD next round
- Little interest in cheapo gTLD program
- US government opposes most new gTLDs
- GoDaddy loses last Amazon business to Identity Digital
Adware dominating popular new gTLD ranks
Afilias’ .kim has become the latest victim (beneficiary?) of adware, as robo-registrations boost the gTLD’s zone file and apparent popularity.
It’s the latest new gTLD, after .xyz and .country, to see its rankings soar after hundreds of gibberish, bulk-registered domains started being used to serve ads by potentially unwanted software.
.kim is today the 4th most-popular new gTLD, with 85 domains in the top 100,000 on the internet and 264 in the top one million.
A month ago, it had a rank of 223, with just 16 domains in the top one million.
The domain names involved — gems such as oatmealsmoke.kim, vegetableladybug.kim and tubhaircut.kim — have seen a boat-load of traffic and rocketing Alexa rank.
The reason for the boost seems to be a one-off bulk registration of about 1,000 meaningless .kim domain names in early February, which now appear to be being used to serve ads via adware.
In this chart (click to enlarge), we see .kim’s zone file growth since the start of 2015.
The spike on February 5, which represents over 1,000 names, is the date almost all of the .kim names with Alexa rank were first registered.
They all appear to be using Uniregistry as the registrar and its free privacy service to mask their Whois details.
These domains often do not resolve if you type them into your browser. They’re also using robots.txt to hide themselves from search engines.
But they’ve been leaving traces of their activity elsewhere on the web, strongly suggesting their involvement in adware campaigns.
It seems that the current (ab?)use of .kim domains is merely the latest in a series of possibly linked campaigns.
I noted in January that gibberish .country domains — at the time priced at just $1 at Uniregistry — were suddenly taking over from .xyz in the popularity charts.
The following three charts, captured from DI PRO’s TLD Health Check, show how the three TLDs’ Alexa popularity rose and fell during what I suspect were related adware campaigns..
First, .xyz, which was the first new gTLD to show evidence of having robo-registrations used in adware campaigns, saw its popularity spike at the end of 2014 and start of 2015:
Next, Minds + Machines’ .country, which saw its zone file spike by 1,500 names around January 6, starts to see its Alexa-ranked total rocket almost immediately.
.country peaks around February 9, just a few days after the .kim robo-registrations were made.
Finally, as .country’s use declines, .kim takes over. Its popularity has been growing day by day since around February 13.
I think what we’re looking at here is one shadowy outfit cycling through bulk-registered, throwaway domain names to serve ads via unwanted adware programs.
It seems possible that domains are retired when they become sufficiently blocked by security countermeasures, and other domains in other TLDs are then brought online to take over.
None of this necessarily reflects badly on any of the new gTLDs in question, or even new gTLDs as a whole, of course.
For starters, I’ve reason to believe that TLDs such as .eu and .biz have previously been targeted by the same people.
The “attacks”, for want of a better word, are only really noticeable because the new gTLDs being targeted are young and still quite small.
It takes much longer to build up genuine popularity for a newly launched web site than it does to merely redirect exist captive traffic to a newly registered domain.
What it may mean, however, is that .kim and .country are going to be in for statistically significant junk drops about a year from now, when the first-year registrations expire.
For .kim, 1,000 names is about 14% of its current zone file. For .country, it’s more like a quarter.
The daily-updated list of new gTLD domains with Alexa rank can be explored by DI PRO subscribers here. The charts in this post were all captured from the respective TLD’s page on TLD Health Check.
.porn now the biggest new gTLD sunrise
.porn and .adult have taken the crown of the most-subscribed new gTLD sunrise periods to date.
The two ICM Registry spaces opened up for registrations from users of the Trademark Clearinghouse on March 2.
A little over a week later, the company tells DI that both gTLDs have individually exceeded the previous sunrise record holder.
My understanding is that .london was the new gTLD with the most sunrise registrations, selling just over 800 names to TMCH customers during its combined sunrise/landrush, which ended last July.
ICM revealed in a webinar last week that it expected its new gTLDs to have to biggest sunrise numbers to date.
“Both .porn and .adult will have exceeded that [.london] number comfortably,” ICM president Stuart Lawley confirmed to DI today.
.adult is “almost neck and neck” with .porn, Lawley said.
The numbers are still pretty small compared to ICM’s 2003-round gTLD, .xxx, which had over 80,000 sunrise applications in October 2011.
They’re also pretty small compared to the TMCH’s overall number of registrations, which at the last public disclosure was a little under 35,000.
But ICM has another couple opportunities for trademark owners to defensively register that may work out cheaper.
First, from April 6 to April 30 companies that bought non-resolving “blocked” names in the .xxx Sunrise B will be able to block the same strings in .porn and .adult.
ICM says registrars are offering discounts for five-year blocks.
Then, from May 6 to May 31 the Domain Matching program starts. That’s open to any .xxx registrant, defensive or otherwise, but not to those with .xxx Sunrise B blocks.
Europeans digging new gTLD more than Americans?
Are European registrants more likely to register new gTLD domain names than those in the US and elsewhere?
That’s the view of Tucows, which sees more new gTLD action from its European OpenSRS resellers than it does from others.
In a blog post last week, OpenSRS blogger Gustavo Arruda noted that Americans are still stuck in a .com mindset:
Our European resellers are leading the charge. We expected the European market to be more open to new gTLDs and that prediction proved correct. It’s a market used to ccTLDs so having a couple hundred more new gTLDs was not a big deal.
North American resellers are lagging behind. It continues to be a very .COM-centric market that is still skeptical about too much choice.
South American and Asian resellers complain about the English-centric nature of new gTLDs. A lot of the new gTLDs we have launched do not make sense in these markets so adoption has been slow.
The post came as OpenSRS recorded its 100,000th new gTLD domain sale.
One reason for the Euro-slant in the market could be the relatively good performance of city gTLDs, most of which are European, and which are easily grasped concepts for buyers familiar with ccTLDs.
Hover, Tucows’ retail registrar, is geo-targeting which TLDs it offers visitors. As DI is based in London, I get offered .london domains prominently when searching for domains there.
The only US geo-gTLDs available to date are .vegas and .nyc.
Donuts bought .reise
Donuts has been confirmed by a German news site as the new owner of .reise, which was auctioned by its previous owner last week.
It was the first time a live gTLD had been sold at auction.
The deal, which is believed to have cost Donuts at least $400,000, means the company now owns .reise and .reisen.
Both mean “.travel”. According to my GCSE German skillz, last exercised 22 years ago, .reisen is a verb and .reise is a noun, but .reisen is also the plural of the noun .reise.
I believe this means that Donuts is the first company to own both the plural and singular forms of a new gTLD string.
Heise Online reports that former registry Dotreise was forced to sell up due to competition from Donuts.
Donuts’ .reisen has over 4,000 names in its zone file, compared to .reise’s 1,300. It’s a small market so far, but Donuts has the lion’s share.
The article notes that Donuts got a better position in ICANN’s prioritization draw in late 2012, meaning it got to market slightly earlier. Donuts also sells for a much lower price.
I doubt time to market was as much of a factor as price.
But it might be interesting to note that while Donuts’ advantage was just six days in terms of contract-signing, that lead had been extended to six weeks by the time .reise was delegated.
Donuts, which has more experience than any other company when it comes to the transition to delegation process, managed to hit general availability two weeks sooner than .reise, even though Donuts’ sunrise period was twice as long.
ICANN wins .hotels/.hoteis confusion appeal but has to pay up anyway
The proposed new gTLDs .hotels and .hoteis are too confusingly similar to coexist on the internet.
That’s the result of an Independent Review Process decision this week, which denied .hotels applicant Booking.com’s demand to have ICANN’s string confusion decision overturned.
But the IRP panel, while handing ICANN a decisive victory, characterized the string confusion and IRP processes as flawed and said ICANN should have to pay half of the panel’s $163,000 costs.
Booking.com filed the IRP a year ago, after the new gTLD program’s String Similarity Panel said in February 2013 that .hotels was too similar to rival Despegar Online’s proposed .hoteis.
.hoteis is the Portuguese translation of .hotels. Neither string was contested, so both would have been delegated to the DNS root had it not been for the confusion decision.
In my view, the String Similarity Panel’s decision was pretty sound.
With an upper-case i, .hoteIs is virtually indistinguishable from .hotels in browsers’ default sans-serif fonts, potentially increasing the ease of phishing attacks.
But Booking.com, eager to avoid a potentially costly auction, disagrees with me and, after spending a year exhausting its other avenues of appeal, filed an IRP in March 2013.
The IRP decision was handed down on Tuesday, denying Booking.com’s appeal.
The company had appealed based not on the merits of the SSP decision, but on whether the ICANN board of directors had acted outside of its bylaws in establishing an “arbitrary” and opaque SSP process.
That’s because the IRP process as established in the ICANN bylaws does not allow appellants to changed a decision on the merits. IRP panels are limited to:
comparing contested actions of the Board to the Articles of Incorporation and Bylaws, and with declaring whether the Board has acted consistently with the provisions of those Articles of Incorporation and Bylaws.
The IRP panel agreed that the SSP process could have been fairer and more transparent, by perhaps allowing applicants to submit evidence to the panel and appeal its decisions, saying:
There is no question but that that process lacks certain elements of transparency and certain practices that are widely associated with requirements of fairness.
But the IRP panel said Booking.com was unable to show that the ICANN board acted outside of its bylaws, highlighting the limits of the IRP as an appeals process:
In launching this IRP, Booking.com no doubt realized that it faced an uphill battle. The very limited nature of the IRP proceedings is such that any IRP applicant will face significant obstacles in establishing that the ICANN Board acted inconsistently with ICANN’s Articles of Incorporation or Bylaws. In fact, Booking.com acknowledges those obstacles, albeit inconsistently and at times indirectly.
…
Booking.com has failed to overcome the very obstacles it recognizes exist.
The IRP panel quoted members of ICANN’s New gTLD Program Committee extensively, highlighting comments which questioned the fairness of the SSP process.
In contrast to usual practice, where the losing party in an IRP bears the costs of the case, this panel said the $163,000 costs and $4,600 filing fee should be split equally between ICANN and Booking.com:
we can — and we do — acknowledge certain legitimate concerns regarding the string similarity review process raised by Booking.com, discussed above, which are evidently shared by a number of prominent and experienced ICANN NGPC members.
…
In view of the circumstances, each party shall bear one-half of the costs of the IRP provider
Booking.com and Despegar will now have to fight it out for their chosen strings at auction.
The full decision can be read in PDF format here. Other documents in the case can be found here.
The TL;DR version: ICANN wins because it has stacked the appeals deck in its favor and the IRP process is pretty much useless, so we’re going to make them pay up for being dicks.
Live gTLD .reise sold at auction
The first auction of a live new gTLD resulted in a sale, I can reveal.
Dotreise’s .reise, which is German for “.travel”, changed hands in an auction managed by Applicant Auction last Friday.
Unfortunately, I haven’t been able to identify the winning bidder or the winning bid, but the winner’s identity will inevitably be revealed sooner or later.
Applicant Auction had said there was to be a $400,000 starting bid on the gTLD.
.reise has been general availability since August but has only about 1,300 names in its zone file. It retails for up to $180 a year.
If the TLD’s new owner is not Donuts, the company will find itself competing with Donuts’ much cheaper and more popular .reisen.
Tucows and Namecheap exit $14m .online deal
Tucows and Namecheap have both pulled out of their joint venture with Radix to run the .online registry.
Tucows revealed the move, which will see Radix run .online solo, in a press release yesterday.
Both Tucows and Namecheap are registrars, whereas Radix is pretty much focused on being a registry nowadays.
While financial terms have not been disclosed, Tucows CEO Elliot Noss had previously said that each of the three companies had funded the new venture to the tune of $4 million to $5 million.
I estimate that this puts the total investment in the deal — which includes the price of winning .online at auction — at $13 million to $14 million.
Noss has also hinted that the gTLD sold for much more than the $6.8 million paid for .tech.
.online has not yet been delegated.
More security issues prang ICANN site
ICANN has revealed details of a security problem on its web site that could have allowed new gTLD registries to view data belonging to their competitors.
The bug affected its Global Domains Division customer relationship management portal, which registries use to communicate with ICANN on issues related to delegation and launch.
ICANN took GDD down for three days, from when it was reported February 27 until last night, while it closed the hole.
The vulnerability would have enabled authenticated users to see information from other users’ accounts.
ICANN tells me the issue was caused because it had misconfigured some third-party software — I’m guessing the Salesforce.com platform upon which GDD runs.
A spokesperson said that the bug was reported by a user.
No third parties would have been able to exploit it, but ICANN has been coy about whether any it believes any registries used the bug to access their competitors’ accounts.
ICANN has ‘fessed up to about half a dozen crippling security problems in its systems since the launch of the new gTLD program.
Just in the last year, several systems have seen downtime due to vulnerabilities or attacks.
A similar kind of privilege escalation bug took down the Centralized Zone Data Service last April.
The RADAR service for registrars was offline for two weeks after being hacked last May.
A phishing attack against ICANN staff in December enabled hackers to view information not normally available to the public.
Google buys .app for over $25 million
The fiercely competed new gTLD .app has sold to Google for a record-breaking $25 million.
The company’s Charleston Road Registry subsidiary beat out 12 other applicants for the string, including Donuts, Amazon, Famous Four Media, Radix and Afilias.
The auction lasted two days and fetched a winning bid of $25,001,000, more than any other new gTLD to date.
The previous high is believed to be .blog, which I estimate sold for less than $20 million.
Because it was an ICANN-run “last resort” auction, all of the money goes into ICANN’s special auction proceeds fund, which previously stood at just shy of $35 million.
Previous ICANN auctions have fetched prices between $600,000 and $6,760,000.
Google originally proposed .app as a closed registry in which only Google and its partners could register names.
However, after the Governmental Advisory Committee pressured ICANN to disallow “closed generics”, Google changed its application to enable anyone to register.
Verisign sues .xyz and Negari for “false advertising”
Handbags at dawn!
Verisign, the $7.5 billion .com domain gorilla, has sued upstart XYZ.com and CEO Daniel Negari for disparaging .com and allegedly misrepresenting how well .xyz is doing.
It’s the biggest legacy gTLD versus the biggest (allegedly) new gTLD.
The lawsuit focuses on some registrars’ habit of giving .xyz names to registrants of .com and other domains without their consent, enabling XYZ.com and Negari to use inflated numbers as a marketing tool.
The Lanham Act false advertising lawsuit was filed in Virginia last December, but I don’t believe it’s been reported before now.
Verisign’s beef is first with this video, which is published on the front page of xyz.com:
Verisign said that the claim that it’s “impossible” to find a .com domain (which isn’t quite what the ad says) is false.
The complaint goes on to say that interviews Negari did with NPR and VentureBeat last year have been twisted to characterize .xyz as “the next .com”, whereas neither outlet made such an endorsement. It states:
XYZ’s promotional statements, when viewed together and in context, reflect a strategy to create a deceptive message to the public that companies and individuals cannot get the .COM domain names they want from Verisign, and that XYZ is quickly becoming the preferred alternative.
As regular readers will be aware, .xyz’s zone file, which had almost 785,000 names in it yesterday, has been massively inflated by a campaign last year by Network Solutions to push free .xyz domains into customers’ accounts without their consent.
It turns out Verisign became the unwilling recipient of gtld-servers.xyz, due to it owning the equivalent .com.
According to Verisign, Negari has used these inflated numbers to falsely make it look like .xyz is a viable and thriving alternative to .com. The company claims:
Verisign is being injured as a result of XYZ and Negari’s false and/or misleading statements of fact including because XYZ and Negari’s statements undermine the equity and good will Verisign has developed in the .COM registry.
…
XYZ and Negari should be ordered to disgorge their profits and other ill-gotten gains received as a result of this deception on the consuming public.
The complaint makes reference to typosquatting lawsuits Negari’s old company, Cyber2Media, settled with Facebook and Goodwill Industries a few years ago, presumably just in order to frame Negari as a bad guy.
Verisign wants not only for XYZ to pay up, but also for the court to force the company to disclose its robo-registration numbers whenever it makes a claim about how successful .xyz is.
XYZ denies everything. Answering Verisign’s complaint in January, it also makes nine affirmative defenses citing among other things its first amendment rights and Verisign’s “unclean hands”.
While many of Verisign’s allegations appear to be factually true, I of course cannot comment on whether its legal case holds water.
But I do think the lawsuit makes the company looks rather petty — a former monopolist running to the courts on trivial grounds as soon as it sees a little competition.
I also wonder how the company is going to demonstrate harm, given that by its own admission .com continues to sell millions of new domains every quarter.
But the lesson here is for all new gTLD registries — if you’re going to compare yourselves to .com, you might want to get your facts straight first if you want to keep your legal fees down.
And perhaps that’s the point.
Read the complaint here and the answer here, both in PDF format.
Recent Comments