Latest news of the domain name industry

Recent Posts

.xxx shows up in botnet top-five TLDs for the first time

Kevin Murphy, January 21, 2022, Domain Registries

It is a truth universally acknowledged that the cheaper a TLD, the more likely it is to be abused by bad actors, and that may be what happened to .xxx in the fourth quarter.

SpamHaus listed .xxx as its fourth most-abused TLD for botnet command and control domains in its newly published Q4 statistics, a new entry on the top 20 table that raised researchers’ eyebrows.

From zero, .xxx went up to 223 C&C domains in the period, sandwiched between .ga’s 143 and .xyz’s 396, SpamHaus said. It worked out to 2.4% of .xxx’s active domains, the compamny said.

.com was of course still the runaway leader, with 3,719 C&C domains. .top came in second, with 715 domains.

SpamHaus said:

We don’t often see new TLD entries within the top five of this Botnet C&C Top 20; however, .xxx, an adult TLD, run by registry ICM, has entered at #4. With less than 10,000 active domains but a total of 223 domains associated with botnet C&C activity in Q4 we can only assume that there are problems.

It’s noteworthy because .xxx is not a cheap TLD. With wholesale prices around $60, they usually sell for around $100 a year. Botnet operators, like other types of malefactor, usually choose cheap domains for their activities.

But in 2021 .xxx was celebrating its 10th anniversary, and at least one company was offering names at a .com-equivalent $10 a year, starting in the middle of the year and extending into Q4.

While .xxx registry ICM is now owned by GoDaddy, it was still part of MMX at the time the pricing promotion began.

GoDaddy gets another year to negotiate .xxx contract

Kevin Murphy, December 15, 2021, Domain Registries

ICANN and GoDaddy seem to have missed their deadline for long-term renewal of their .xxx registry agreement for a second time.

The contract was extended earlier this week until December 15, 2022, giving the parties another full year to bash out whatever amendments are needed.

The initial deal, signed in 2011, was due to expire March 31, but was extended until today to give more time for renegotiation.

.xxx was the last gTLD approved prior to the 2012 application round, and as such it has a few differences to the standard gTLD contract.

The fee structure is particularly complicated; originally, the registry had to pay ICANN $2 per domain, to stuff ICANN’s war chest for anticipated litigation, but that has been reduced through amendments over the years.

ICANN is always keen to bring older contracts into line with the standard Registry Agreement.

The .xxx contract, like legacy gTLDs before it, will be subject to public comment before approval.

GoDaddy is currently pushing renewals for its AdultBlock trademark-protection services.

Virgin territory as GoDaddy pushes $30 million porn domain renewals

Kevin Murphy, November 16, 2021, Domain Registries

Brand owners big and small are in for a potential surprise December 1, as their 10-year-old .xxx domain blocks expire and registrars bill their customers to convert them into a new annually-renewing GoDaddy service.

GoDaddy confirmed to DI today that it will “auto-convert” the old Sunrise B blocks, first sold by ICM Registry in 2011, to its new AdultBlock service, which provides essentially the same functionality but across four TLDs rather than one.

Tony Kirsch, head of professional services at GoDaddy Registry, said:

Registrars have been contacting all the Sunrise B owners and advising them that as of December 1 they will be grandfathered and automatically converted into an AdultBlock service, but they have a choice to expire that or stop that happening prior to December 1.

And if it is that they don’t do that before December 1, we’ll still give them a grace period of at least 45 days. If that happens they can then, as you’d normally do, just turn around to the registrar and say “We don’t want that” and we will of course refund the money.

This means that GoDaddy, which acquired .xxx and ICM from MMX earlier this year, is billing its .xxx registrar partners to convert and renew what could be as many as 81,000 Sunrise B blocks.

While the registry fee for AdultBlock has not been published, retail registrars I checked have priced the service at $370 to $400 per year, which we can probably assume is low-end pricing. Most .xxx domains are sold via the specialist brand-protection registrars like CSC and Markmonitor, which sometimes have more complex pricing.

So that’s something in the ballpark of $30 million worth of renewal invoices being sent out in the coming weeks, for something in many cases brand owners may have institutionally forgot about.

Kirsch said that AdultBlock was introduced by MMX about 18 months ago and that registrars have been preparing their customers for the Sunrise B expiration for some time.

Sunrise B was a program, unprecedented in the industry at the time, whereby trademark owners could pay a one-off fee — ICM charged its registrars about $160 wholesale — to have their brands removed from the available pool.

The domains exist in the .xxx zone file and resolve to a black page bearing the words “This domain has been reserved from registration”, but they’re not registered and usable like normal defensive or sunrise registrations would be.

Companies got to avoid not only the potential embarrassment of being porn-squatted, but also the hassle of having to explain to a tabloid reporter why they “owned” the .xxx domain in question.

The term of the Sunrise B block was 10 years. ICM told me at the time that this was because the company’s initial registry contract with ICANN only lasted for 10 years, so it was legally unable to sell longer-term blocks, but I’ve never been sure how much I buy that explanation.

Regardless, that 10 year period comes to an end in two weeks.

Because Sunrise B was unprecedented, this first renewal phase is also unprecedented. We’re in virgin territory (pun, of course, very much intended) here.

Will we see the industry’s first public “block junk drop”?

There are a number of reasons to believe trademark owners, assuming they don’t just blindly pay their registrar’s invoices, would choose to allow their blocks to expire or to ask for a refund after the fact.

First, the price has gone up — a lot.

While ICM charged $160 for a 10-year Sunrise B block (maybe marked up by registrars to a few hundred bucks) brand owners can expect to pay something like $3,000 retail for a single string blocked for 10 years.

But buyers do get a bit more bang for their buck. Unlike Sunrise B, AdultBlock also blocks the trademark in three additional GoDaddy-owned TLDs — .porn, .sex and .adult — as standard.

Kirsch said he expects buyers to see a 40% to 50% saving compared to the cost of defensively registering each domain individually.

Second, the appetite for defensive registrations has waned over the past 10 years, with trademark owners employing more nuanced approaches to brand protection, largely due to the flood of new gTLDs since 2013.

When .adult, .sex and .porn launched, without the possibility of Sunrise B blocks, they got about 2,000 regular sunrise registrations each. And that’s extraordinarily high — for most new gTLDs a couple hundred was a good turnout.

Third, the .xxx launch attracted a whole lot of controversy and overreaction, and the .xxx zone file today contains a lot of Sunrise B crap.

When I scrolled a little through the zone, cherry-picking silly-looking blocks in 2019, I found these examples:

100percentwholewheatthatkidslovetoeat.xxx, 101waystoleaveagameshow.xxx, 1firstnationalmergersandacquisitions.xxx, 1stchoiceliquorsuperstore.xxx, 2bupushingalltherightbuttons.xxx, 247claimsservicethesupportyouneed30minutesguaranteed.xxx, 3pathpowerdeliverysystembypioneermagneticsinc.xxx

Is it worth $400 a year to block the trademark “100 Percent Whole Wheat That Kids Love To Eat”? Is there any real danger of a cybersquatter going after that particular brand (apart from the fact that I’ve now written about it twice)?

Kirsch said a “small percentage” of Sunrise B owners have already said they don’t want to convert, but given that the rest will auto-convert, and that the registrars are doing all the customer-facing stuff, the company has limited visibility into likely uptake.

Brian King, director of policy at MarkMonitor, told us: “We generally encourage our clients to consider blocks. They can be cost effective and a lot of times clients would rather have their brand be unavailable without having to register in TLDs where they don’t want to own domain registrations for any number of reasons.”

One reason brand owners may want to consider converting to AdultBlock — it’s rumored that GoDaddy will be relaxing its eligibility criteria for .xxx next year, removing the requirement for registrants to have a nexus to the porn industry.

It’s always been kind of a bullshit rule, basically a hack to allow ICM to run a “sponsored” TLD under ICANN’s rules from the 2003 application round, but doing away with it would potentially make it easier for cybersquatters to get their hands on .xxx domains.

CSC told customers in a recent webinar that the rules are likely to be changed next year, increasing the risk of cybersquatting.

There’s some circumstantial evidence to suggest that CSC might be on to something — pretty much every “sponsored” gTLD from the same 2003 application round as .xxx has relaxed their reg rules to some extent, sometimes when their contracts come up for renewal and ICANN tries to normalize them with the text of the standard 2012-round agreement.

And GoDaddy’s .xxx contract with ICANN is being renegotiated right now. It was due to expire in March, but it was extended in February until December 15, a little under a month from now. We may soon see ICANN open up the new text for public comment.

Kirsch, who’s not part of the negotiations, could not confirm that the eligibility relaxation is going to happen or that it’s something GoDaddy is pushing for.

If it were to happen, it wouldn’t be for some time, and it wouldn’t necessarily impact on the December 1 deadline for Sunrise B conversions, which is going to be interesting to watch in its own right.

“There are registrations that are protecting people’s trademarks that are expiring and our primary objective here is to ensure that that protection continues, and that’s what we’ll do,” GoDaddy’s Kirsch said.

“If we just let them expire, it would create a lot of opportunity for brand infringement. Faced with that choice, our primary objective is to protect trademark owners,” he said.

10 Years Ago… new gTLDs, ICANN pay, DNS abuse and ethics

Kevin Murphy, October 11, 2021, Domain Policy

The more things change, the more they stay the same.

I’ve been in a reflective mood recently, and it’s a slow news day, so I thought now might be a good time to launch a new, irregular feature — a trawl back through the DI archives to see what we were all talking about a decade ago this month.

In many respects, the conversations haven’t changed all that much in the last 10 years. Some are being repeated almost verbatim today. Others seem almost laughably naive with hindsight.

New TLDs

We were just a few months away from the opening of the first big new gTLD application window, but in October 2011 many of the rules of the program were, remarkably, still up in the air.

ICANN still hadn’t decided how much an application would cost. It had yet to decide how it would subsidize poorer applicants.

No Trademark Clearinghouse supplier had yet been found, and there was still some confusion about how the application process would work, and how it would be communicated to potential applicants.

The industry was awash with speculation, as it had been for the whole year, about who might apply for a gTLD. In October, there were stories about potential applications from New South Wales, Orange, Corsica, and BITS.

Afilias was offering $5,000 for new gTLD ideas.

But perhaps the strangest idea was a pitch from CentralNic to the super-rich. For $500,000, it would apply for your family name as a new gTLD. This came to nothing in the 2012 round, but CentralNic’s site is still live.

While new gTLDs were still in the future, October 2011 saw the ongoing sunrise period for the previous round’s .xxx, auctions following the recent launch of .co, and the creation of two new ccTLDs.

Abuse

October 2011 was marked by the registrar community reluctantly agreeing to enter talks with ICANN to renegotiate their standard Registrar Accreditation Agreement, which would ultimately lead to the current 2013 RAA.

The move came as the Governmental Advisory Committee was on the warpath on behalf of its law enforcement allies, demanding more action from the industry on DNS abuse and threatening legislation if it didn’t happen.

Imagine that.

Meanwhile, Verisign asked ICANN for more powers to take down abusive domains, which faced immediate pushback from registrars and others, before the request was retracted mere days later.

The Revolving Door

There was a lot of talk during and around ICANN 42 about conflicts of interest, particular with regards the emergence of a so-called “revolving door” between ICANN’s top brass and the domain industry.

It had been just a few months since chair Peter Dengate Thrush had, on the eve of his retirement from the board, pushed through final approval of the new gTLD program and promptly took a top job at portfolio applicant Minds + Machines.

It looked rotten, and ICANN CEO Rod Beckstrom, who had himself announced he was quitting just months earlier, had made its his personal mission to reduce at least the perception of conflicts of interest at the Org.

He ruled out being replaced by a fellow director, threw money at consultants, and said the next CEO should be an industry outsider.

It was probably all pointless.

As it turned out, the guy who replaced Beckstrom, Fadi Chehade, put in a few years in the corner office before prematurely quitting for private equity, where he now runs the company that owns Donuts, itself run by Chehade’s ICANN number two, Akram Atallah.

The amount of revolving door action at less-senior levels has been so frequent since 2011 that I don’t even keep track of it any more.

ICANN Pay

ICANN gave its top execs big pay raises. Along with death and taxes, this is a universal constant.

GoDaddy rides another 21 gTLDs into its stable

Kevin Murphy, July 28, 2021, Domain Services

GoDaddy may have disavowed the domain registry business for much of the last decade, but it’s fast becoming one of the largest registry operators out there.

The company’s GoDaddy Registry unit this week took over the ICANN contracts for 21 more gTLDs, bringing the number of TLDs it either contracts for or technically manages close to the 200 milestone.

As well as taking on new gTLD success story .club, it’s also signed the Registry Agreements for 19 more strings formerly belonging to MMX, aka Minds + Machines, which plans to bow out of the industry after 10 years in business.

The MMX TLDs being moved are: .law, .abogado (“lawyer” in Spanish), .beer, .casa (“home” in Spanish), .cooking, .dds (“dentists” in American), .fashion, .fishing, .fit, .garden, .horse, .luxe, .rodeo, .surf, .vip, .vodka, .wedding, .work, and .yoga.

GoDaddy took over the back-end for .xxx, .porn, .adult and .sex, belonging to former MMX subsidiary .ICM Registry, last week.

The remaining string to enter the portfolio is .design, which GoDaddy acquired from Top Level Design, which is still a going concern with its small portfolio of gTLDs.

There are still a few MMX TLDs that have not moved over, all of which appear to be the geographic strings it operates in partnership with local government backers. These will need additional clearances before transfer.

While GoDaddy has taken over the registry contracts for the 19 MMX TLDs listed above, their back-ends are still Nominet, according to IANA records. Clearly, that will change in future.

The MMX deal was worth $120 million. The values of the .design and .club deals were not disclosed.

GoDaddy welcomes four porn TLDs

GoDaddy may not have the raunchy public image it once promoted, but it’s now the official registry for tens of thousands of porn-related domain names.

The gTLDs .xxx, .porn, .adult and .sex made the move from UNR’s back-end to GoDaddy Registry this week, IANA records show.

These almost certainly the TLDs that MMX was talking about last week when it said it had ICANN approval to reassign four contracts, which it did not name.

IANA records still show the sponsor as ICM Registry for all four, suggesting the deal was structured a little differently to the 20-odd other gTLDs in MMX’s portfolio, which are still with MMX.

MMX said earlier this year that it was selling its entire portfolio to GoDaddy for at least $120 million.

.xxx, which launched the earliest — pre-2012 — is the largest of the TLDs, with around 55,000 names under management. .porn has about 10,000 and the other two have about 8,000 each.

MMX gets nod to sell 22 gTLDs to GoDaddy

New gTLD registry MMX expects to shortly offload most of its portfolio of strings to GoDaddy Registry after receiving ICANN approvals.

The company said today that its transfer requests for four of its gTLD contracts have received full ICANN approval.

Another 18 have received conditional ICANN approval, and MMX believes it has met these unspecified conditions.

Another five of its stable that are not fully owned and operated still require the nod from its partners.

MMX said in April that it planned to sell its entire portfolio to GoDaddy, after which it is expected the company will be wound down.

The company did not break down which transfer have received full approval, conditional approval, or are still waiting for approval.

It gTLDs are: .cooking, .fishing, .horse, .miami, .rodeo, .vodka, .beer, .luxe, .surf, .nrw, .work, .budapest, .casa, .abogado, .wedding, .yoga, .fashion, .garden, .fit, .vip, .dds, .xxx, .porn, .adult, .sex, .boston, .london and .bayern.

Verisign hopeful after decision reached in .web gTLD case

Kevin Murphy, May 25, 2021, Domain Policy

The fate of .web has been decided, over 20 years after it was first applied for, and Verisign thinks it might emerge triumphant.

The company said last night that the ICANN Independent Review Panel handling the case of Afilias v ICANN reached a decision May 20 and delivered it to Verisign the following day.

Verisign says the panel “dismissed Afilias’ claims for relief seeking to invalidate the .web auction and to award the .web TLD to Afilias, concluding that such issues were beyond its jurisdiction.”

Sounds good for Verisign so far. Afilias wanted its $135 million bid for .web, submitted via an intermediary called Nu Dot Co, thrown out due to claims that ICANN violated its own bylaws by not sufficiently vetting the bidder.

But Verisign goes on to say “the panel’s ruling recommends that ICANN’s Board of Directors consider the objections made about the .web auction and then make a decision on the delegation of .web”.

It adds that the panel found that ICANN violated its fairness and transparency commitments:

With respect to ICANN, the ruling finds that certain actions and/or inaction by ICANN in response to Afilias’ objections violated aspects of ICANN’s bylaws related to transparency and fairness. These findings are particular to ICANN’s actions and not conduct by Verisign. Verisign anticipates that ICANN’s Board will review the panel’s ruling and proceed consistent with the panel’s recommendation to consider the objections and make a decision on the delegation of .web.

Based on Verisign’s statements, it seems that ICANN lost, but Afilias didn’t win.

The revelation was buried in a Securities and Exchange Commission filing on an unrelated financial matter last night. Hat tip to @jintlaw for spotting and tweeting about it.

It’s the most eagerly anticipated IRP ruling since 2011’s .xxx case, but in stark contrast to Rod “let’s draft this tweet” Beckstrom-era ICANN, where the decision was posted in a matter of hours, the 2021 org has not yet posted the panel’s findings or made a public statement acknowledging the ruling.

Verisign says it intends to “vigorously pursue” .web, but “can provide no assurance” as to which way the ICANN board of directors will swing.

Now celebrities and politicians can block their porn names

Celebrities and holders of unregistered trademarks are now able to buy porn domain blocks from MMX.

The company’s subsidiary, ICM Registry, has broadened its eligibility criteria in order to shift more units of the product, upon which it is banking much of its growth hopes.

Previously, to get an AdultBlock subscription you either had to have previously blocked your brand using ICM’s Sunrise B scheme, which ran in 2011, or to have a trademark registered in the Trademark Clearinghouse.

Now, you don’t need to be in the TMCH, and your trademark does not even need to be legally registered.

Celebrities and politicians are explicitly covered. They have to provide evidence to prove their fame, such as IMDB profiles or movie posters. Politicians need to provide links or documentation proving their political activities or government roles.

AdultBlock prevents brands being registered in MMX’s .porn, .adult, .xxx and .sex gTLDs, as an alternative to defensive registrations. The AdultBlock+ service also blocks homographs.

When .xxx launched a decade ago, thousands of celebrity names, largely harvested from Wikipedia, were blocked by default and free of charge.

ICM even blocked the names of 2011-era ICANN executives and directors. Then-CEO Rod Beckstrom benefited from a block on rodbeckstrom.xxx that survives to this day. Current CEO Göran Marby does not appear to have afforded the same privilege.

My name is also blocked, because it’s a match with goodness knows how many famous people called Kevin Murphy.

Despite the obviously sensitive nature of the TLDs for many brands, there’s been very little cybersquatting in .xxx in the near-decade since its launch. There have been a few dozen UDRP complaints, and most of those were filed in 2012.

MMX, amid poor renewals for its less porny gTLDs, has placed a lot of focus on AdultBlock renewals for its short-term growth.

The company is in the process of having its assets acquired by GoDaddy for $120 million, with the deal expected to close in August, subject to various approvals.

MMX’s year marked by terrible renewals

MMX saw its revenue dip in 2020, and it reported shocking renewal rates at two of its highest-volume gTLDs, according to the company’s annual financial results, published this morning.

The portfolio registry, which is in the process of selling off essentially its entire operating business to GoDaddy, reported revenue of $16.8 million for the year, down from $17.2 million in 2019.

Profit was up very slighty, to $2.9 million from $2.8 million.

The 2019 results included a few one-off gains, including $588,000 from losing a new gTLD auction, which accounted for most of the 2020 revenue decline.

But the company also reported a 19% decline in domains under management, from 2.46 million to 1.99 million, based on some terrible renewal rates in its .vip and .work gTLDs.

The DUM decline can be attributed mostly to .vip, a popular TLD among Chinese speculators, which started 2020 with around 1.4 million domains but finished the year with just over a million.

.work actually ended the year up on where it started, with around 709,000 names under management.

But MMX today disclosed that the renewal rates for .vip and .work were 36% and 18% respectively. In a business where 70%+ is considered healthy, these are some poor numbers indeed.

However, the company discontinued first-year promotions on these TLDs in 2020, focusing instead on selling domains likely to lead to recurring renewal revenue, which lead to 14% (.vip) and 19% (.work) increases in revenue.

Fewer domains. More money.

MMX said that it is seeing these trends continuing into 2021. Public transaction reports show both these TLDs losing 40-50,0000 names in January. The company expects revenue to fall 4% in the first quarter compared to Q1 2020.

One bright spot appears to be “The Great Relese”, the company’s move last month to mark down hundreds of thousands of premium-priced domains. That’s brought in $170,000 since its April 23 launch.

One basket where the company is placing a lot of its eggs is AdultBlock, the trademark protection service it inherited when it acquired ICM Registry a few years back. It enables customers to block their brands in .xxx, .porn, .adult and .sex without actually having to register the names.

The 10-year period ICM allowed brands to block when it launched in 2011 is coming to an end, so MMX is banking on renewals (which retail at $349 to $799 per year before multi-year discounts) to boost revenue.

“While it is early in the AdultBlock Sunrise B renewal period, we are encouraged by Registrar interest and some early sales of this product,” CEO Tony Farrow said in a statement.

This reliance on AdultBlock for short-term organic growth was one of the reasons MMX is selling up to GoDaddy.

The market-leading registrar and fast-emerging registry consolidator agreed to pay $120 million for MMX’s portfolio, which will leave MMX as a shell company only long enough to distribute the cash to investors before fading away quietly.

That deal has an August deadline to close and is dependent on approvals from business partners, ICANN and the Chinese government.